I need someone to explain some selinux commands I need to make Team Fortress 2 work

Team Fortress 2 on Fedora Linux requires adjusting something to make the sounds play properly. I found some commands in a thread on github and they DO work. The thing is, I tried figuring out WHAT they do but it all went completely over my head. I would like to know what I’m doing to my computer and also see this as an opportunity to learn something about the Linux operating system.

The commands in question are:

# ausearch -c 'hl2_linux' --raw | audit2allow -M my-hl2linux
# semodule -X 300 -i my-hl2linux.pp

Could someone maybe ELI5?

The audit2allow -M my-hl2linux is a shorthand that both generates the rules file(s) and compiles them to a binary policy package (pp) file that can subsequently be installed with the semodule command. Annoyingly, it also automatically deletes the rules files after the binary is compiled. So you cannot see what exactly was done in a human-readable format. If you want it to just create the human-readable rules file(s), use a lower-case -m (i.e. ausearch -c 'hl2_linux' --raw | audit2allow -m my-hl2linux). You should then be left with a my-hl2linux.te file with some rules that you can examine. If you wanted to tweak the rules to be more restrictive, you could alter the .te file and then run the “make” command yourself to generate the final policy package binary.

1 Like