Re: Strict policy on FC6 and F7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

2007-08-08 (水) の 13:32 -0700 に Hal さんは書きました:
> Well
> I manged to compile the module, but
> it does not work for me. 
> Compiled,loaded,set enforcing and: "authentication failed" again.
> 
> I do not know if I am stupid, but I can not get a long with this Selinux... 
> 
> Does this nodule work for you guys????
> 
> hal
> 
> --- "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx> wrote:
> 
> > On Wed, 2007-08-08 at 12:39 -0700, Hal wrote:
> > > I have tryed with
> > > logging_send_audit_msgs(local_login_t)
> > > 
> > > But still:
> > > [root@localhost hal]# make -f /usr/share/selinux/devel/Makefile local.pp
> > > Compiling strict local module
> > > /usr/bin/checkmodule:  loading policy configuration from tmp/local.tmp
> > > local.te:9:ERROR 'unknown class capability used in rule' at token ';' on
> > line
> > > 81105:
> > > #line 9
> > >         allow local_login_t self:capability audit_write;
Because we did not write 

class capability { audit_write };

in require brace.

write it and try again.
Did you make it?


As a matter of fact, I have another problem on strict policy.
I ended up breaking F7 altogether eliminating libselinux with --nodeps.
Now I'm trying to upgrade FC6 to F7.
You can upgrade FC6 to F7, if you are tired of your process on F7.
Do not stop trying strict policy.Never surrender.
It's rewarding, and SELinux guys will guide you to the right place.


> > > /usr/bin/checkmodule:  error(s) encountered while parsing configuration
> > > make: *** [tmp/local.mod] Error 1
> > > 
> > > I really have no idea what all this means.
> > > there is nowhere "allow" in local.te. if it is in this macros at the end...
> > > Do I need to install the policy source and edit it?
> > 
> > It is in the interface.  You need to change this:
> > 
> > > > > module local 1.0;
> > 
> > to this:
> > 
> > policy_module(local,1.0)
> > 
> > It will automatically require all of the kernel object classes.
> > 
> > -- 
> > Chris PeBenito
> > Tresys Technology, LLC
> > (410) 290-1411 x150
> > 
> > 
> 
> 
> 
>       ____________________________________________________________________________________
> Luggage? GPS? Comic books? 
> Check out fitting gifts for grads at Yahoo! Search
> http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux