On Fri, May 19, 2006 at 12:13:15PM -0500, Hongwei Li wrote:
The problem is I need to re-do for local.te from time to time, and whenver I
run (after rebooting)
# audit2allow -M local < /var/log/audit/audit.log
the line
allow httpd_t shadow_t:file { getattr read write };
is automatically added to local.te -- [...]
How to fix the problem?
How about something like this?
audit2allow -l -i /var/log/audit/audit.log | grep -v shadow >> local.te
--
Kayvan A. Sylvan | Proud husband of | Father to my kids:
Sylvan Associates, Inc. | Laura Isabella Sylvan, | Katherine Yelena (8/8/89)
http://sylvan.com/~kayvan | my beautiful Queen. | Robin Gregory (2/28/92)