Tomáš "Tomyk" Ruprich
tomyk at uikt.mendelu.cz
[root@tomyk]# uname -a
Linux tomyk 2.6.18-53.1.14.el5 #1 SMP Wed Mar 5 11:36:49 EST 2008 i686 i686 i386 GNU/Linux
[root@tomyk]# echo "module local 1.0;
require {
type httpd_t;
type usr_t;
class file execute;
class process { execstack execmem execheap };
}
#============= httpd_t ==============
allow httpd_t self:process execstack;
allow httpd_t self:process execmem;
allow httpd_t self:process execheap;
allow httpd_t usr_t:file execute;" > local.te
[root@tomyk]# checkmodule -M -m -o local.mod local.te
[root@tomyk]# semodule_package -o local.pp -m local.mod
[root@tomyk]# semodule -i ./local.pp