Hey Eliezer,
Thanks for looking into details.
Here is my te file
module MYPOLICY 1.0;
require {
type unconfined_t;
type var_run_t;
type usr_t;
type syslogd_t;
type user_tmpfs_t;
type squid_t;
type tmpfs_t;
class process signal;
class file { getattr read create unlink open };
class dir { write remove_name add_name };
}
#============= squid_t ==============
#!!!! The source type 'squid_t' can write to a 'dir' of the following types:
# var_log_t, var_run_t, pcscd_var_run_t, squid_var_run_t, squid_cache_t,
squid_log_t, cluster_var_lib_t, cluster_var_run_t, root_t,
krb5_host_rcache_t, cluster_conf_t, tmp_t
allow squid_t tmpfs_t:dir { write remove_name add_name };
allow squid_t tmpfs_t:file { create unlink };
allow squid_t unconfined_t:process signal;
allow squid_t user_tmpfs_t:file unlink;
allow squid_t var_run_t:file { read getattr open };
#============= syslogd_t ==============
#!!!! The source type 'syslogd_t' can write to a 'dir' of the following
types:
# var_log_t, var_run_t, syslogd_tmp_t, syslogd_var_lib_t, syslogd_var_run_t,
innd_log_t, device_t, tmp_t, logfile, cluster_var_lib_t, cluster_var_run_t,
root_t, krb5_host_rcache_t, cluster_conf_t, tmp_t
allow syslogd_t usr_t:dir write;
Also, can you give me link to your unofficial RPMs.
Thanks
Aashima
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/FATAL-Ipc-Mem-Segment-create-failed-to-shm-open-squid-cf-metadata-shm-13-Permission-denied-tp4677044p4677061.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
