On 08/11/13 06:24, David Sommerseth wrote:
> On 07. nov. 2013 04:06, Steven Haigh wrote:
>>
>> While this is interesting, it doesn't provide any methods for auditing
>> selinux rules.
> 
> Hi Steven,
> 
> This can be quite hard.  But I'll try to help you understand this topic
> a little bit better.  Unfortunately, it's not easy (for me) to make it
> quick and short.
> 

I have to say, this is one of the best run downs of SELinux that I have
ever read.

I've been playing with SELinux on one server for a few days in
permissive mode - after manually installing the policies etc. As such,
I'm not 100% sure if all labelling has been done correctly. I did force
a relabel, but I was hoping there was a simple way to test things -
however it doesn't seem that simple :)

I'll fiddle around a bit more in the need future.

-- 
Steven Haigh

Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
Fax: (03) 8338 0299