Stefan wrote:
Hi,
since an update of the mls came out I have a problem loading a policy
which worked correctly before the update.
[data.te]
policy_module(data,1.0.2)
gen_require(`
type user_t, staff_t, smbd_t, snmpd_t;
')
type data_t;
files_type(data_t);
allow user_t data_t:dir { getattr read };
allow user_t data_t:file { getattr read };
allow staff_t data_t:dir { create rmdir rw_dir_perms setattr };
allow staff_t data_t:file { create rename rw_file_perms setattr unlink };
allow staff_t data_t:lnk_file { create rw_file_perms };
allow smbd_t data_t:dir { add_name create getattr read remove_name
rename rmdir search setattr write };
allow smbd_t data_t:file { create getattr lock read rename setattr
unlink write };
allow snmpd_t data_t:dir getattr;
[data.fc]
/data(/.*)? gen_context(system_u:object_r:data_t,s0)
When I try to load the module (semodule -i data.pp) I get the
following error message:
libsepol.permission_copy_callback: Module data depends on permission
setkeycreate in class process, not satisfied
libsemanage.semanage_link_sandbox: Link packages failed
semodule: Failed!
Did you recompile your policy package?
I don't know what the error has to say. Any suggestions?
ciao, Stefan
PS: rpm -qa selinux-policy-mls
selinux-policy-mls-2.3.2-1.fc5
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
