From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Kim Lawson-Jenkins"
Subject: How to restore a policy module
Date: Fri, 21 Mar 2014 09:29:34 -0400
Message-ID: <01e101cf4509$9942ae60$cbc80b20$@nrl.navy.mil>
Reply-To: kim.lawson-jenkins@nrl.navy.mil
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"

In an attempt to lockdown a system I removed the remotelogin policy module using semodule -r. I'm using the targeted policy on RHEL6. How do I add this file back to my current configuration?

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Stephen Smalley
To: kim.lawson-jenkins@nrl.navy.mil, selinux@tycho.nsa.gov
Subject: Re: How to restore a policy module
Date: Fri, 21 Mar 2014 09:32:15 -0400
Message-ID: <532C3F5F.1040602@tycho.nsa.gov>
In-Reply-To: <01e101cf4509$9942ae60$cbc80b20$@nrl.navy.mil>

On 03/21/2014 09:29 AM, Kim Lawson-Jenkins wrote:
> In an attempt to lockdown a system I removed the remotelogin policy
> module using semodule -r. I'm using the targeted policy on RHEL6. How
> do I add this file back to my current configuration?

You can always do a yum reinstall selinux-policy-targeted to fully
reinstall the policy, or you could individually install that policy
module. Used to be the case that a copy of each module was available
under /usr/share/selinux/targeted, so you could do a semodule -i
/usr/share/selinux/targeted/remotelogin.pp if that exists (but it seems
to have gone away in recent Fedora, likely to save on storage).

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ilya Frolov
To: kim.lawson-jenkins@nrl.navy.mil
Cc: "selinux@tycho.nsa.gov"
Subject: Re: How to restore a policy module
Date: Fri, 21 Mar 2014 17:37:24 +0400
In-Reply-To: <01e101cf4509$9942ae60$cbc80b20$@nrl.navy.mil>

Hello Kim,

I'd downloaded rpm, containing relevant module, unpacked it and then used semodule -i /path/to/module.pp to replace it.
Also, I think simple reinstall of the policy would do the trick.

Here's what I base my assumption on:

    root@selinux:/root # cp /etc/selinux/custom/modules/active/modules/apt.pp /tmp/
    root@selinux:/root # semodule -l | grep apt
    apt     1.8.2
    root@selinux:/root # semodule -r apt
    root@selinux:/root # ls -la /etc/selinux/custom/modules/active/modules/apt*
    ls: cannot access /etc/selinux/custom/modules/active/modules/apt*: No such file or directory
    root@selinux:/root # semodule -i /tmp/apt.pp
    root@selinux:/root # ls -la /etc/selinux/custom/modules/active/modules/apt*
    -rw-------. 1 root root 6814 Mar 21 13:33 /etc/selinux/custom/modules/active/modules/apt.pp

regards,
ilya

On Fri, Mar 21, 2014 at 5:29 PM, Kim Lawson-Jenkins <kim.lawson-jenkins@nrl.navy.mil> wrote:

> In an attempt to lockdown a system I removed the remotelogin policy module
> using semodule -r. I'm using the targeted policy on RHEL6. How do I add
> this file back to my current configuration?
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to
> Selinux-request@tycho.nsa.gov.

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Stephen Smalley
To: kim.lawson-jenkins@nrl.navy.mil, selinux@tycho.nsa.gov
Subject: Re: How to restore a policy module
Date: Fri, 21 Mar 2014 09:35:10 -0400
Message-ID: <532C400E.8090104@tycho.nsa.gov>
In-Reply-To: <532C3F5F.1040602@tycho.nsa.gov>

On 03/21/2014 09:32 AM, Stephen Smalley wrote:
> On 03/21/2014 09:29 AM, Kim Lawson-Jenkins wrote:
>> In an attempt to lockdown a system I removed the remotelogin policy
>> module using semodule -r. I'm using the targeted policy on RHEL6. How
>> do I add this file back to my current configuration?
>
> You can always do a yum reinstall selinux-policy-targeted to fully
> reinstall the policy, or you could individually install that policy
> module. Used to be the case that a copy of each module was available
> under /usr/share/selinux/targeted, so you could do a semodule -i
> /usr/share/selinux/targeted/remotelogin.pp if that exists (but it seems
> to have gone away in recent Fedora, likely to save on storage).

Also, if you add:
save-previous = true
to your /etc/selinux/semanage.conf it will keep a copy of your previous
policy under /etc/selinux/targeted/modules/previous on each transaction,
making it easier to rollback changes.

From mboxrd@z Thu Jan 1 00:00:00 1970
From: James Carter
To: kim.lawson-jenkins@nrl.navy.mil, selinux@tycho.nsa.gov
Subject: Re: How to restore a policy module
Date: Fri, 21 Mar 2014 09:41:10 -0400
Message-ID: <532C4176.4060709@tycho.nsa.gov>
In-Reply-To: <01e101cf4509$9942ae60$cbc80b20$@nrl.navy.mil>

On 03/21/2014 09:29 AM, Kim Lawson-Jenkins wrote:
> In an attempt to lockdown a system I removed the remotelogin policy module
> using semodule -r. I'm using the targeted policy on RHEL6. How do I add
> this file back to my current configuration?
>

The pp file for the module will still be in /usr/share/selinux/targeted/.

To reinstall the module do:
semodule -i /usr/share/selinux/remotelogin.pp.bz2

--
James Carter
National Security Agency

From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Kim Lawson-Jenkins"
Subject: RE: How to restore a policy module
Date: Fri, 21 Mar 2014 09:49:32 -0400
Message-ID: <01e901cf450c$6391fe30$2ab5fa90$@nrl.navy.mil>
In-Reply-To: <532C400E.8090104@tycho.nsa.gov>
Reply-To: kim.lawson-jenkins@nrl.navy.mil

Thanks everyone for the rapid answers. I was able to restore the file.

Kim

-----Original Message-----
From: Stephen Smalley [mailto:sds@tycho.nsa.gov]
Sent: Friday, March 21, 2014 9:35 AM
To: kim.lawson-jenkins@nrl.navy.mil; selinux@tycho.nsa.gov
Subject: Re: How to restore a policy module

On 03/21/2014 09:32 AM, Stephen Smalley wrote:
> On 03/21/2014 09:29 AM, Kim Lawson-Jenkins wrote:
>> In an attempt to lockdown a system I removed the remotelogin policy
>> module using semodule -r. I'm using the targeted policy on RHEL6.
>> How do I add this file back to my current configuration?
>
> You can always do a yum reinstall selinux-policy-targeted to fully
> reinstall the policy, or you could individually install that policy
> module. Used to be the case that a copy of each module was available
> under /usr/share/selinux/targeted, so you could do a semodule -i
> /usr/share/selinux/targeted/remotelogin.pp if that exists (but it
> seems to have gone away in recent Fedora, likely to save on storage).

Also, if you add:
save-previous = true
to your /etc/selinux/semanage.conf it will keep a copy of your previous
policy under /etc/selinux/targeted/modules/previous on each transaction,
making it easier to rollback changes.

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Daniel J Walsh
To: kim.lawson-jenkins@nrl.navy.mil, selinux@tycho.nsa.gov
Subject: Re: How to restore a policy module
Date: Fri, 21 Mar 2014 14:34:03 -0400
Message-ID: <532C861B.2000004@redhat.com>
In-Reply-To: <01e101cf4509$9942ae60$cbc80b20$@nrl.navy.mil>

On 03/21/2014 09:29 AM, Kim Lawson-Jenkins wrote:
> In an attempt to lockdown a system I removed the remotelogin policy module
> using semodule -r. I'm using the targeted policy on RHEL6. How do I add
> this file back to my current configuration?

yum reinstall selinux-policy-targeted

Should do it.
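
The restore options from the replies above, combined into one script as an added example; it is not code from any poster or from the SELinux project. The function names and the optional root-prefix argument are assumptions made for illustration, and the paths are the ones quoted in the thread.

```sh
#!/bin/sh
# Added example, not from the thread. Function names and the optional
# root-prefix argument (used for testing) are assumptions.

# Print the first packaged copy of module $1 for policy type $2, trying
# the locations and suffixes named in the replies. Returns 1 if none.
find_module_pp() {
    mod=$1 ptype=${2:-targeted} root=${3:-}
    for f in \
        "$root/usr/share/selinux/$ptype/$mod.pp" \
        "$root/usr/share/selinux/$ptype/$mod.pp.bz2" \
        "$root/usr/share/selinux/$mod.pp.bz2"
    do
        if [ -f "$f" ]; then printf '%s\n' "$f"; return 0; fi
    done
    return 1
}

# Succeed only if the last uncommented save-previous line in
# semanage.conf (path in $1) is set to true.
save_previous_enabled() {
    conf=${1:-/etc/selinux/semanage.conf}
    [ -r "$conf" ] || return 1
    val=$(sed -e 's/#.*//' "$conf" | tr -d ' \t' |
          grep '^save-previous=' | tail -n 1)
    [ "$val" = "save-previous=true" ]
}

# Reinstall module $1 from its packaged copy and confirm it is listed;
# fall back to naming the package reinstall when no copy is shipped.
restore_module() {
    mod=$1 ptype=${2:-targeted}
    if pp=$(find_module_pp "$mod" "$ptype"); then
        semodule -i "$pp" && semodule -l | grep -q "^$mod[[:space:]]"
    else
        echo "no packaged copy of $mod;" \
             "run: yum reinstall selinux-policy-$ptype" >&2
        return 2
    fi
}

# Run only when a module name is given, e.g.: sh restore.sh remotelogin
if [ $# -ge 1 ]; then
    save_previous_enabled || echo "note: save-previous is not enabled" >&2
    restore_module "$@"
fi
```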