Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: Bill McCarty <bmccarty@...>
From: Chris PeBenito <pebenito@g.o>
Subject: Re: Learning to write SELinux policies
Date: Sat, 17 Jan 2004 18:36:41 -0600
On Sat, 2004-01-17 at 17:51, Bill McCarty wrote:
> Here's a case in point. My system is configured in permissive mode, and I'm 
> root, in the sysadm_r role:
>
> I launch the Samhain executable, but it doesn't run:
> 
> > # /usr/local/sbin/samhain -t check
> > -/bin/bash: /usr/local/sbin/samhain: Permission denied

The TE rules only describes the ways to transition to the samhain_t
domain, but the role also has to be allowed to exist in the samhain_t
domain.  Adding this will probably fix it:

role sysadm_r types samhain_t;

I'm not sure why this type of problem doesn't generate any messages. 
BTW, this type of question goes better on the hardened ml.

-- 
Chris PeBenito
<pebenito@g.o>
Developer,
Hardened Gentoo Linux
Embedded Gentoo Linux
 
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A  CB00 BC8E E42D E6AF 9243
Attachment:
signature.asc (This is a digitally signed message part)
Replies:
Re: Learning to write SELinux policies
-- Bill McCarty
References:
Learning to write SELinux policies
-- Bill McCarty
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Learning to write SELinux policies
Next by thread:
Re: Learning to write SELinux policies
Previous by date:
unsubscibe
Next by date:
Re: Learning to write SELinux policies


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.