• 1

Re: disabling unconfined broke aide ran from cron

RHEL6.3 allow cron to run aide with selinux policy howto: add the following policy by creating the myaide.te and then make pp and install with semodule command.

# cat myaide.te

policy_module(myaide, 1.0)

gen_require(`
type aide_t;
type aide_exec_t;
')

cron_system_entry(aide_t, aide_exec_t)

# make -f /usr/share/selinux/devel/Makefile myaide.pp
# semodule -i myaide.pp

Re: disabling unconfined broke aide ran from cron

Yes we have made this change to RHEL7 policy and will back port it to RHEL6

  • 1
?

Log in