>>SELinux Mailing List

Contents

Overview

What's New

Frequently Asked Questions

Background

Documentation

License

Download

Participating

Mail List

Archive Summary

Archive by Thread

Archive by Author

Archive by Date

Archive by Subject

Remaining Work

Contributors

Related Work

Press Releases

Re: iptables.te errors

From: Stephen Smalley <sds_at_tislabs.com>
Date: Mon, 17 Dec 2001 07:42:49 -0500 (EST)

On Sun, 16 Dec 2001, Shaun Savage wrote:

> HI
> I am having a hard time with getting courier to work that I decided to
> try somwthing easier. iptables. Attached is the te file that I am using.

It looks like you used the ipchains_t domain as your starting point. Is there any reason why iptables needs its own domain (i.e. does it need significantly different permissions from ipchains)? If not, you should just label iptables with the ipchains_exec_t type and use the existing ipchains_t domain.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com




--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Received on Mon 17 Dec 2001 - 07:46:48 EST

This message: [ Message body ]
Next message: Stephen Smalley: "Re: No consistancy in Make variable names"
Previous message: Stephen Smalley: "Re: persistent labelling on afs, jfs, xfs?"
In reply to: Shaun Savage: "iptables.te errors"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT