rpms
/
libsemanage
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Enable expand-check in semanage.conf 

libsepol was fixed before release 2.4 and expand-check=1 doesn't make a
big time penalty. On the other hand, it's helpful to make it enabled by
default.

Resolves: rhbz#1319652
This commit is contained in:
Petr Lautrbach 2016-03-21 11:15:41 +01:00
parent ef444a88f3
commit e2707be9e1
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
semanage.conf
View File

@ -36,9 +36,10 @@ module-store = direct
# version is necessary. # version is necessary.
#policy-version = 19 #policy-version = 19
# expand-check check neverallow rules when executing all semanage commands. # expand-check check neverallow rules when executing all semanage
# Large penalty in time if you turn this on. # commands. There might be a penalty in execution time if this
expand-check=0 # option is enabled.
expand-check = 1
# usepasswd check tells semanage to scan all pass word records for home directories # usepasswd check tells semanage to scan all pass word records for home directories
# and setup the labeling correctly. If this is turned off, SELinux will label /home # and setup the labeling correctly. If this is turned off, SELinux will label /home