-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tony Molloy wrote:
On Thursday 31 January 2008 23:15:50 Henning Larsen wrote:
> On Fri, 2008-02-01 at 09:36 +1030, Tim wrote:
>> On Thu, 2008-01-31 at 19:02 +0100, Henning Larsen wrote:
>>> btw, I can live with it since the alert has gone and I use enforcing
>>> mode.
>> Though, going by what you posted earlier using audit2allow, you've
>> probably disabled SELinux from doing anything about Samba. Enforcing no
>> rules isn't really enforcing SELinux...
>>
>> This is the same sort of thing as some firewall telling a user that the
>> firewall has blocked trojan from using the internet, and the user clicks
>> on allow access. You have to diagnose the fault, not just get rid of
>> the warning.
>>
>> --
>> (This computer runs FC7, my others run FC4, FC5 & FC6, in case that's
>> important to the thread.)
>>
>> Don't send private replies to my address, the mailbox is ignored.
>> I read messages from the public lists.
> I did belive that too, my problem now is that I don't know how to
> reverse what I did to stop the alerts.
> Do you have an answer to that?
>
locate mysamba.pp
rm -f ...active/mysamba.pp
rm -f .../previous/mysamba.pp
reboot
Tony
> btw. my router is firewalled against samba, so there is no big security
> issue.
>
> Henning Larsen
semodule -r mysamba is the proper way to do this
Just removing the pp files will not effect the policy until the next
time the policy is rebuild. So doing the rm -f ...active/mysamba.pp
would need to be followed by semodule -B and no reboot would be
necessary. (This is not windows.)
Henning, what AVC's are you seeing? What did the te file that you
loaded look like?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iEYEARECAAYFAkejINQACgkQrlYvE4MpobPzSQCff21FJt9688xvR4ca73QLIKSh
8aUAoK3XXt6mrEnrqmq/r0KcfbL9v0uE
=LFSH
-----END PGP SIGNATURE-----