[CentOS] RHEL 7 Beta is now public
Peter
peter at pajamian.dhs.org
Thu Dec 12 18:49:02 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/13/2013 02:45 AM, Daniel J Walsh wrote:
>
> What SELInux issue did you have? What policy did you need to add?
Unfortunately I've misplaced the audit logs and report of the problem,
but this is the policy I had to add:
module mypol 1.0;
require {
type unconfined_t;
type sshd_net_t;
type kernel_t;
class process { dyntransition transition sigchld };
}
#============= kernel_t ==============
allow kernel_t sshd_net_t:process dyntransition;
allow kernel_t unconfined_t:process { dyntransition transition };
#============= sshd_net_t ==============
allow sshd_net_t kernel_t:process sigchld;
Peter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSqgUdAAoJEAUijw0EjkDvUv4H/0mpXttdzTV7ZfWtFiV+3nJF
Kd0wJ6hUxOJqiR/hmckFNKMatzCZBrinDEnOaNYrXLcAoCAVrX6bTQZkiiY4bIAD
7H3MSihnSIn5pBq6rcCtQcEIr56BetnMGtUJeQTIO8JZyYZvst3/8sdwXNd/1d2u
p0OaS7r/AEAXKaTsrUSrNAp/stzObvRJpqJecVXLBJP84A2uQQYoxp5NaUY9slli
qUt6UYRHMSyJgyZitG2FsyvtMM3y66a3lfell13GMIZbYvBXC7CbvjgmjXpQ5Ktt
4inIpt1tQynZJQodpcQ/FrR4BdURbHKwAvIdMRN/4z7c5ZCk294vAJ2f8Mdb1X0=
=3qfe
-----END PGP SIGNATURE-----
More information about the CentOS
mailing list