Alan J. Gagne
alan.gagne at comcast.net
Tue Mar 29 03:41:04 UTC 2005
Not sure this was the best approach. but it's working !
Downloaded the selinux-policy-targeted-sources and added the following
to the policy.conf.
allow unconfined_t default_t:file execmod;
allow unconfined_t tmp_t:file execmod;
allow unconfined_t user_home_t:file execmod;
allow unconfined_t usr_t:file execmod;
( these were determined by running allow2audit against
the audit.log and taking only the ones which affected
the oracle processes from starting.)
Did a make and make load.
I can now start the oracle processes with selinux set to enforce.
This may have broken some security that should be in place so
if anybody has any further info please correct my habits before
they become engrained for life.
More information about the test