Re: Trouble with module

[Joshua Brindle <jbrindle@xxxxxxxxxx>]

Pierre JUHEN wrote:
> No, I didn't skip the middle step.
>
> I have turned around this problem for days, googleized a lot,
> I didnt find a clue.
>
> Why is semodule looking in a inexistant directory ?
>
>   
the directory is there when the operation fails. semodule copies 
everything from modules/active to modules/tmp to operate on it and when 
it reads that file (toto.mod) it fails because it is a policy module and 
not a policy package.

try semodule -r toto

though I don't know how that file got there in the first place, semodule 
should have never accepted it
> I suspect a configuration problem, but where ?????
>
>   
> > Message du 06/10/06 04:28
> > De : "Joshua Brindle" <method@xxxxxxxxxx>
> > A : "Pierre JUHEN" <pierre.juhen@xxxxxxxxxx>
> > Copie à : fedora-selinux-list@xxxxxxxxxx
> > Objet : Re: Trouble with module
> >
> > Pierre JUHEN wrote:
> >     
> > > To correct error messages appearing in the audit.log, I ran the 
> > > procedure described in the audit2allow manual page.
> > >
> > > Here is the .te file :
> > >
> > > module local 1.0;
> > >
> > > require {
> > >    class dir search;
> > >    class fd use;
> > >    class fifo_file write;
> > >    class file { read write };
> > >    class netlink_route_socket create;
> > >    class unix_stream_socket { read write };
> > >    type apmd_log_t;
> > >    type cupsd_config_t;
> > >    type cupsd_t;
> > >    type dovecot_auth_t;
> > >    type dovecot_t;
> > >    type etc_mail_t;
> > >    type etc_runtime_t;
> > >    type hald_t;
> > >    type home_root_t;
> > >    type hostname_t;
> > >    type restorecon_t;
> > >    type semanage_t;
> > >    type unconfined_t;
> > >    type user_home_dir_t;
> > >    type usr_t;
> > >    type xdm_t;
> > >    role system_r;
> > > };
> > >
> > > allow cupsd_config_t apmd_log_t:file { read write };
> > > allow cupsd_t apmd_log_t:file { read write };
> > > allow dovecot_auth_t self:netlink_route_socket create;
> > > allow dovecot_t etc_runtime_t:file read;
> > > allow dovecot_t unconfined_t:fifo_file write;
> > > allow dovecot_t xdm_t:fd use;
> > > allow hald_t home_root_t:dir search;
> > > allow hostname_t etc_mail_t:file read;
> > > allow hostname_t unconfined_t:fifo_file write;
> > > allow hostname_t usr_t:file read;
> > > allow hostname_t xdm_t:fd use;
> > > allow restorecon_t xdm_t:fd use;
> > > allow semanage_t unconfined_t:unix_stream_socket { read write };
> > > allow semanage_t user_home_dir_t:dir search;
> > >
> > > When I try to load the module using "semodule -i local.pp"
> > >
> > > Iget :
> > >
> > > libsepol.module_package_read_offsets: wrong magic number for module 
> > > package:  expected 4185718671, got 4185718669
> > > libsemanage.semanage_load_module: Error while reading from module 
> > > file/etc/ selinux/targeted/modules/tmp/modules/toto.mod.
> > >
> > >       
> > did you build a policy package correctly using the following commands:
> >
> > checkmodule -M -m local.te -o local.mod
> > semodule_package -m local.mod -o local.pp
> > semodule -i local.pp
> >
> >
> > it looks like you probably skipped the middle step..
> >
> >     

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list