Originally Posted by sohailkmu
I am using Red Hat Enterprise AS 4 and squid stable 2.5 stable 6. If you can help me in writing rules for squid in selinux I would be thankful.
I'm kind of familiar with SE Linux, but unfortunately not with RHEL-4 policy.
Generally speaking there's two possibilities: Squid runs in it's own "domain" (it already has some policy rules configured) but misses some. In that case, and if you run Auditd, you should be able to use AVC messages to adjust your local policy. For example if your Squid binary is just called "squid", then running 'grep "AVC.*squid" /var/log/audit/audit.log|audit2allow' should output to stdout a set of rules with which to build a local policy file. The other possibility (not in your case I guess) is that Squid runs in the "unconfined domain" and you would want it to run in its own domain. In that case being able to install and run policycoreutils and policycoreutils-gui could make things a lot easier.
For now let's see what 'grep "AVC.*squid" /var/log/audit/audit.log|audit2allow' shows.