Re: Strict policy on FC6 and F7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2007-08-08 at 12:39 -0700, Hal wrote:
> I have tryed with
> logging_send_audit_msgs(local_login_t)
> 
> But still:
> [root@localhost hal]# make -f /usr/share/selinux/devel/Makefile local.pp
> Compiling strict local module
> /usr/bin/checkmodule:  loading policy configuration from tmp/local.tmp
> local.te:9:ERROR 'unknown class capability used in rule' at token ';' on line
> 81105:
> #line 9
>         allow local_login_t self:capability audit_write;
> /usr/bin/checkmodule:  error(s) encountered while parsing configuration
> make: *** [tmp/local.mod] Error 1
> 
> I really have no idea what all this means.
> there is nowhere "allow" in local.te. if it is in this macros at the end...
> Do I need to install the policy source and edit it?

It is in the interface.  You need to change this:

> > > module local 1.0;

to this:

policy_module(local,1.0)

It will automatically require all of the kernel object classes.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux