Hello!
Is there any way to list changes or additions to the policy from the default? I have a server that I plan on migrating and I don't have all of the changes I made to SELinux's policy documented. It would be nice if there was a tool that would list what options have changes since the default and their current values.
Thanks in advance!
Thank you,
Erik Boyer Production / IT System Support
KUKA Toledo Production Operations, LLC
Tel. +1 419 727-5549, Fax +1 419 729-7085, Cell 419-438-5350 erik.boyer@ktpo.commailto:erik.boyer@ktpo.com www.ktpo.comhttp://www.ktpo.com/
Consider the environment. If you print this email, please recycle.
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of contents of this e-mail is strictly forbidden.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/26/2012 08:29 AM, Erik Boyer wrote:
Hello!
Is there any way to list changes or additions to the policy from the default?
I have a server that I plan on migrating and I don’t have all of the changes I made to SELinux’s policy documented. It would be nice if there was a tool that would list what options have changes since the default and their current values.
Thanks in advance!
You can changes/extract/install semanage changes
http://danwalsh.livejournal.com/41794.html
As far as modules that you installed, if you did not keep track you could use rpm to tell you
sudo rpm -qf /etc/selinux/targeted/modules/active/modules/*pp | grep -v selinux-policy-targeted
Thank you,
*Erik Boyer *Production / IT System Support
*KUKA Toledo Production Operations, LLC
- Tel. +1 419 727-5549, Fax +1 419 729-7085, Cell 419-438-5350
erik.boyer@ktpo.com mailto:erik.boyer@ktpo.com_ _www.ktpo.com http://www.ktpo.com//
Consider the environment. If you print this email, please recycle.
/This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of contents of this e-mail is strictly forbidden.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
On Mon, 2012-11-26 at 13:29 +0000, Erik Boyer wrote:
Hello!
Is there any way to list changes or additions to the policy from the default?
I have a server that I plan on migrating and I don’t have all of the changes I made to SELinux’s policy documented. It would be nice if there was a tool that would list what options have changes since the default and their current values.
Thanks in advance!
Thank you,
Erik Boyer Production / IT System Support
KUKA Toledo Production Operations, LLC
Tel. +1 419 727-5549, Fax +1 419 729-7085, Cell 419-438-5350 erik.boyer@ktpo.com www.ktpo.com
Consider the environment. If you print this email, please recycle.
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of contents of this e-mail is strictly forbidden.
Not sure exactly but i think you can also use sediff to see the differences between your current policy.* versus the one shipped
But that excludes some stuff
You can also use sedismod to look into any custom policy packages that you may have installed
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
selinux@lists.fedoraproject.org