On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote:
I su as root initially and in my /root directory
and created the "foo" there. You did not state
where to create "foo" so if I did this in the
wrong place, please let me know.
Re-added the list to the cc line above.
It doesn't matter where you create it - it is just a temporary working
directory.
I downloaded the
checkmodule and installed it earlier so it appears
that this time everything works, except that in the
tmp file created, I did not get the same files as
you may have. Here is the log of actions:
[dant@copper ~]$ su -
Password:
[root@copper ~]# mkdir foo
[root@copper ~]# cd foo
[root@copper foo]# vi local.te
[root@copper foo]# touch local.if local.fc
[root@copper foo]# make -f /usr/share/selinux/devel/Makefile
Compliling targeted local module
/usr/bin/checkmodule: loading policy configuration from tmp/local.tmp
/usr/bin/checkmodule: policy configuration loaded
/usr/bin/checkmodule: writing binary representation (version 5) to
tmp/local.mod
Creating targeted local.pp policy package
rm tmp/local.mod.fc tmp/local.mod
[root@copper foo]# ls
local.fc local.if local.pp local.te tmp
[root@copper foo]# ls tmp
all_interfaces.conf local.mod.role local.tmp
[root@copper foo]#
Looks correct to me, and matches what was in my original message. So
now you finish the sequence of instructions I provided originally, i.e.
# semodule -i local.pp
Then retry accessing /var/www content from samba, and if it still
doesn't work, check your /var/log/messages file for avc: denied
messages.
--
Stephen Smalley
National Security Agency