On Thu, 2006-09-21 at 10:26 +0800, Benjamin Tsai wrote: > sorry I didn't make myself clear ... enough. > Me thought if I want to build and load my own policy successfully, I > should "feel" and confirm that the build path works on my box in > advance. > I shall have a valid .te file, and with that, I can compile/load it > without errors and see it working correctly. That's why I start with > audit2allow, it's merely a test for me. =) That's fine, but I'm still not clear - do you want strict policy or not? If your goal was just to write policy for your own daemon, you can do that while staying with targeted policy, and just write a policy module for your daemon. > As for the warning, yes I did see my module installed through semodule > -l. However, why is the warning? It's fc5 in my box, instead of debian, > surely I don't have dpkg installed. Besides, I checked with semodule and > didn't see dpkg. It's so weird to see a warning of something I don't > have. semodule -l doesn't list dpkg? Then I'm confused. I agree it shouldn't be included in the Fedora policy; that was likely just an oversight. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
