web-controlled system
Karsten Wade
kwade at redhat.com
Tue Jun 7 06:08:51 UTC 2005
On Fri, 2005-06-03 at 10:16 -0700, Florin Andrei wrote:
> On Fri, 2005-06-03 at 17:46 +1000, Russell Coker wrote:
> > On Friday 03 June 2005 17:27, Florin Andrei <florin at andrei.myip.org> wrote:
> > > I'd imagine that by exercising the daemon in all ways possible, and
> > > keeping an eye on syslog at the same time, I should be able to figure
> > > out what needs to be permitted in the policy, right?
> >
> > Correct.
>
> <sigh> I wish there was a concrete example somewhere on how to do that.
> It's not like SELinux doesn't have any docs at all but... So many things
> to do, so little time...
You might have seen this, or not:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-chapter-0071.html
It's very generic and high-level. I'm very interested in real world
experiences trying to use those how-to instructions. Other
methodologies and experiences are also interesting. You can file a
bugzilla report[1] with any details you want to share. This is an area
of the SELinux Guide that people are asking for improvement on, and it
would be nice to have more concrete details to work from.
- Karsten
[1] Follow the directions here:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/s1-intro-more-to-come.html
--
Karsten Wade, RHCE * Sr. Tech Writer * http://people.redhat.com/kwade/
gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
Red Hat SELinux Guide
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20050606/3b97cf07/attachment.bin
More information about the selinux
mailing list