$ sandbox -t sandbox_min_t htop ERROR: could not find datum for type sandbox_t /bin/sandbox: Sandbox Policy is currently disabled. You need to enable the policy by executing the following as root # semodule -e sandbox $ su -c 'semodule -l | grep sand' sandbox 1.0.0 Disabled sandboxX 1.0.0
PS: htop used as example there After update\reinstall selinux-policy-targeted package this module is disabled again.
In F17 this module was enabled.
The question is that now this module will be always disabled by default, or it is a temporary solution?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/26/2013 04:30 AM, Fl@sh wrote:
$ sandbox -t sandbox_min_t htop ERROR: could not find datum for type sandbox_t /bin/sandbox: Sandbox Policy is currently disabled. You need to enable the policy by executing the following as root # semodule -e sandbox $ su -c 'semodule -l | grep sand' sandbox 1.0.0 Disabled sandboxX 1.0.0
PS: htop used as example there After update\reinstall selinux-policy-targeted package this module is disabled again.
In F17 this module was enabled.
The question is that now this module will be always disabled by default, or it is a temporary solution?
sandbox.pp should be enabled once you enable it, if not then this is a bug in the tooling.
Are you sure you want sandbox -t sandbox_min_t htop as opposed to sandbox -X - -t sandbox_min_t htop
On Mon, 26 Aug 2013 09:56:40 -0400 Daniel J Walsh dwalsh@redhat.com wrote:
sandbox.pp should be enabled once you enable it, if not then this is a bug in the tooling.
Module should be enabled once? -- hence, there just a bug.
Are you sure you want sandbox -t sandbox_min_t htop as opposed to sandbox -X
- -t sandbox_min_t htop
yes, after sandbox.pp enable it is works.
selinux@lists.fedoraproject.org