>>>>> "Adam" == Adam Bishop <[log in to unmask]> writes:

    Adam> On 27 Jun 2014, at 17:49, Stefan Paetow <[log in to unmask]> wrote:
    >> <radius_trust_router_selinux.txt>

    Adam> Would it be better to implement this as an selinux boolean?

    Adam> I'd like to avoid making global policy changes to fix a local
    Adam> issue.

    Adam> Not all TIDS deployments will have FreeRADIUS running, and not
    Adam> all FreeRADIUS deployments will have TIDS running.

It seems like if you do the file contexts right, you can avoid the
boolean.
You always enable the rule, but there is no file that exists in the
context for the rule to apply unless there's actually a keys database.