[ale] Another bug in FC3
James P. Kinney III
jkinney at localnetsolutions.com
Thu Dec 9 22:54:35 EST 2004
In general, a customized configuration file is NOT touched during an
upgrade with RPM 4+ (one of the reasons for upgrading rpm).
With FC3, a yum update moved a custom policy file to <policyfile>.rpmnew
and installed the new policy with the original name. Suddenly, the
webscripts quite talking to the database.
For the 'new to SELinux' crowd, audit2allow is a great tool that will
generate a new policy string to allow the disallowed action. It is not
perfect (i.e. need apache to be able to write to the postgresql socket
ONLY, not just write to _any_ socket which is what audit2allow
generates) but it will sure the system functioning (with no less
security than pre-SELinux).
--
James P. Kinney III \Changing the mobile computing world/
CEO & Director of Engineering \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
http://www.localnetsolutions.com
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
More information about the Ale
mailing list