-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/18/2010 11:11 PM, Paul Ward wrote:
Hi Daniel,
Thanks for your reply, looks like that may be what I need. :)
I assume again this wont upset teh running of the machine when this is
performed?
Also is theis change persisteant after reboots?
Is there a way for making a new policy to allow the required actions
instead of removing the dontaudit all together?
many thanks
Yes, You can add the new rules using audit2allow
grep AVC /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Will add the rules.
semodule -B
Will turn back on the dontaudit rules.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAkvMVQoACgkQrlYvE4MpobN9NACgxwTvJecRQ/CM3PLcgiGyKcy3
lyAAmwYrCloBFwXTqvI8rOYJo/ZqE8v9
=fkD9
-----END PGP SIGNATURE-----