setsebool -P cron_userdomain_transition on not permanent?
Daniel J Walsh
dwalsh at redhat.com
Thu Mar 6 17:13:10 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/06/2014 10:28 AM, Bruno Wolff III wrote:
> I have been setting cron_userdomain_transition on because otherwise cron
> doesn't work. However despite using the -P option I have occasionally had
> to go back and set the boolean again.
>
> Is there some changes going on in policy updates that would affect this?
>
> How do I check that the change is stored in the policy, and not just in
> effect until the next reboot? -- selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
That should not happen.
Off the top of my head you could try:
sesearch -A -b cron_userdomain_transition -C
/etc/selinux/targeted/policy/policy.29
If this shows most of the lines lines beginning with E then you know it is on
in the policy file. If they begin with D then it is off.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlMYrKYACgkQrlYvE4MpobM8hQCfRa6LnYpkwvHuWErvzUrtb3je
c7kAn3O/VeGqJOxXjDbuXh36GIyA29rZ
=rnuM
-----END PGP SIGNATURE-----
More information about the selinux
mailing list