[Arm-dev] whatprovides sepol-ifgen?

Tue Feb 5 18:47:52 UTC 2019
Robert Moskowitz <rgm at htt-consult.com>


On 2/5/19 1:12 PM, Patrick Laimbock wrote:
> -----Original message-----
>> From:Robert Moskowitz <rgm at htt-consult.com>
>> Sent: Tuesday 5th February 2019 16:21
>> To: Conversations around CentOS on ARM hardware <arm-dev at centos.org>
>> Subject: [Arm-dev] whatprovides sepol-ifgen?
>>
>> I am fighting to get dovecot working with mysql.sock with SELinux
>> enforced.  And I am trying to do this 'better' than what I found 2 years
>> ago.  On the SELiunx list I was told to run:
>>
>> ausearch -m AVC --context dovecot_t | audit2allow --reference -m
>> dovecot_mysql_custom
>>
>> But this generates the error
>>
>> could not open interface info [/var/lib/sepolgen/interface_info
>>
>> To fix this I was told to run
>>
>> sepol-ifgen
> Try sepolgen-ifgen. IIRC it lives in the policycoreutils-devel package.
>
> Patrick

Thanks Patrick, but turns out I don't need to do this.  Another Redhat 
developer chimed in on the SELinux list and provided me the right policy 
magic to get dovecot, mysql, and selinux all happy.

I will be documenting all this shortly.

Now moving on to the next issue.