Selinux

From KeegansWiki

Revision as of 13:20, 28 October 2011 by Keegan (talk | contribs) (→‎Create Custom Modules)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Create Custom Modules

Requires package selinux-policy-devel

grep http /var/log/audit/audit.log | audit2allow -m newrelicsock > /tmp/newrelic.te
make -f /usr/share/selinux/devel/Makefile
semodule -i newrelic

Alternative

grep httpd /var/log/audit/audit.log | audit2allow -M newrelic
semodule -i newrelic.pp

Show why selinux is being an asshole

sealert -a /var/log/audit/audit.log

sealert is provided by the package setroubleshoot

Retrieved from "http://wiki.keeganm.com/index.php?title=Selinux&oldid=204"