36
Chapter 3. Targeted Policy Overview
Warning
Removing the wrong file can result in your system being unable to boot in enforcing mode. Policy
compilation can fail if dependencies are not available. Be sure you know the consequences of re
moving any of the *.te files from /etc/selinux/targeted/src/policy/.
A better solution for most cases is to use the Booleans to disable the policy for uninstalled applica
tions. This compromise reduces some of the kernel overhead
Here is an abbreviated file tree for the policy source. Not included are the TE files that are unused in
the targeted policy. Note the presence of the files
policy.conf
,
file_contexts/file_contexts
,
and
tmp/*
. These indicate a policy that has been compiled from source and possibly loaded.
tree /etc/selinux/targeted/src/policy/
/etc/selinux/targeted/src/policy/
| COPYING
| ChangeLog
| Makefile
| README
| VERSION
| appconfig
|
| default_contexts
|
| default_type
|
| failsafe_context
|
| initrc_context
|
| media
|
| removable_context
|
| root_default_contexts
|
` userhelper_context
| assert.te
| attrib.te
| constraints
| domains
|
| misc
|
|
` unused
|
| program
|
|
| apache.te
|
|
| dhcpd.te
|
|
| hotplug.te
|
|
| init.te
|
|
| initrc.te
|
|
| ldconfig.te
|
|
| mailman.te
|
|
| modutil.te
|
|
| mta.te
|
|
| mysqld.te
|
|
| named.te
|
|
| nscd.te
|
|
| ntpd.te
|
|
| portmap.te
|
|
| postgresql.te
|
|
| rpm.te
|
|
| snmpd.te
|
|
| squid.te
|
|
| syslogd.te
|
|
| udev.te
|
|
| winbind.te
|
|
` ypbind.te
|
` unconfined.te
| file_contexts
|
| distros.fc
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved