-----Original message-----
From:Robert Moskowitz rgm@htt-consult.com Sent: Tuesday 5th February 2019 16:21 To: Conversations around CentOS on ARM hardware arm-dev@centos.org Subject: [Arm-dev] whatprovides sepol-ifgen?
I am fighting to get dovecot working with mysql.sock with SELinux enforced. And I am trying to do this 'better' than what I found 2 years ago. On the SELiunx list I was told to run:
ausearch -m AVC --context dovecot_t | audit2allow --reference -m dovecot_mysql_custom
But this generates the error
could not open interface info [/var/lib/sepolgen/interface_info
To fix this I was told to run
sepol-ifgen
Try sepolgen-ifgen. IIRC it lives in the policycoreutils-devel package.
Patrick
On 2/5/19 1:12 PM, Patrick Laimbock wrote:
-----Original message-----
From:Robert Moskowitz rgm@htt-consult.com Sent: Tuesday 5th February 2019 16:21 To: Conversations around CentOS on ARM hardware arm-dev@centos.org Subject: [Arm-dev] whatprovides sepol-ifgen?
I am fighting to get dovecot working with mysql.sock with SELinux enforced. And I am trying to do this 'better' than what I found 2 years ago. On the SELiunx list I was told to run:
ausearch -m AVC --context dovecot_t | audit2allow --reference -m dovecot_mysql_custom
But this generates the error
could not open interface info [/var/lib/sepolgen/interface_info
To fix this I was told to run
sepol-ifgen
Try sepolgen-ifgen. IIRC it lives in the policycoreutils-devel package.
Patrick
Thanks Patrick, but turns out I don't need to do this. Another Redhat developer chimed in on the SELinux list and provided me the right policy magic to get dovecot, mysql, and selinux all happy.
I will be documenting all this shortly.
Now moving on to the next issue.
-
Patrick Laimbock -
Robert Moskowitz