Hide Forgot
Description of problem: The ABRT event script support was added to selinux-policy using the abrt_handle_event boolean which is not documented.
How about: abrt_selinux(8) ABRT SELinux Policy documentation abrt_selinux(8) NAME abrt_selinux - Security-Enhanced Linux Policy for the ABRT daemon DESCRIPTION Security-Enhanced Linux (SELinux) secures the squid server via flexible mandatory access control. SHARING FILES If you want to share files with multiple domains (Apache, FTP, rsync, Samba, ABRT), you can set a file context of public_content_t and public_content_rw_t. These context allow any of the above domains to read the content. If you want a particular domain to write to the public_content_rw_t domain, you must set the appropriate boolean. DOMAIN_anon_write. So for ABRT you would execute: setsebool -P abrt_anon_write 1 BOOLEANS If you want to allow ABRT to run ABRT event scripts properly, you need to set the abrt_handle_event boolean on. Then an event script will run in the own SELinux domain. setsebool -P abrt_handle_event 1 Note that you can also use the system-config-selinux utility that allows you to customize SELinux policy settings in the graphical user interface. AUTHOR This manual page was written by Miroslav Grepl <mgrepl>.
-Security-Enhanced Linux (SELinux) secures the squid server via flexible mandatory access control. +Security-Enhanced Linux (SELinux) secures the ABRT server via flexible mandatory access control.
Fixed in selinux-policy-3.7.19-109.el6
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1511.html