I have made a custom policy for the firefox www-browser. To adchieve this i did the following:
# cd /usr/share/selinux/devel # policygentool firefox /usr/bin/firefox # make -f /usr/share/selinux/devel/Makefile # semodule -i firefox.pp # restorecon -R -v /usr/bin/firefox
When i enter: semodule -l i see the firefox module has been loaded however i expected too see some action though in /var/log/messages.
On Sat, 01 Jul 2006 17:16:37 +0200, netpython said:
I have made a custom policy for the firefox www-browser. To adchieve this i did the following:
# cd /usr/share/selinux/devel # policygentool firefox /usr/bin/firefox # make -f /usr/share/selinux/devel/Makefile # semodule -i firefox.pp # restorecon -R -v /usr/bin/firefox
When i enter: semodule -l i see the firefox module has been loaded however i expected too see some action though in /var/log/messages.
OK.. I'll bite... what specifically did you try that *should* have generated an AVC?
Also, note that if auditd is running, it will be logged in /var/log/audit/ rather than via syslogd. 'man ausearch'
On Sat, 2006-07-01 at 17:16 +0200, netpython wrote:
I have made a custom policy for the firefox www-browser. To adchieve this i did the following:
# cd /usr/share/selinux/devel # policygentool firefox /usr/bin/firefox # make -f /usr/share/selinux/devel/Makefile # semodule -i firefox.pp # restorecon -R -v /usr/bin/firefox
When i enter: semodule -l i see the firefox module has been loaded however i expected too see some action though in /var/log/messages.
Audit-Log is /var/log/audit/audit.log in Fedora Core 5.
Happy Day. Thorsten
selinux@lists.fedoraproject.org
-
Peter Harmsen -
Thorsten Scherf -
Valdis.Kletnieks@vt.edu