On 04/26/2010 08:47 PM, Dennison Williams wrote: > Hello, > > I am trying to port treysys' fail2ban.[te|fc] > (http://oss.tresys.com/repos/refpolicy/trunk/policy/modules/services/) > module to use on a debian system as a custom module and am having some > problems. I have built a custom module for this system, but I think > this case is slightly different because of calls to a few different > interfaces (that do exist on the system as installed via the > selinux-policy-refpolicy-dev package). > > When I run: > > # checkmodule -M -m -o fail2ban.mod fail2ban.te > checkmodule: loading policy configuration from fail2ban.te > (unknown source)::ERROR 'This block has no require section.' at > token 'init_daemon_domain' on line 10: > init_daemon_domain(fail2ban_t, fail2ban_exec_t) > type fail2ban_exec_t; > checkmodule: error(s) encountered while parsing configuration > > This is obviously because I am not specifying the path to where the > init_daemon_domain interface is defined, but I am not sure how to do this. > > I tried to add > > require { > interface init_daemon_domain; > } > > This does not seem to be the right way to do it either. > > Any help is appreciated. Not sure what is at issue here. I usually use the Makefile that should be included with the devel pakage to build policy. Last time i tried checkmodule had some issues. The errors you ran into seems like a bug related to debian. I would encourage that you try sending e-mail to Russell Coker. You can find his e-mail address on the bottom of this page: http://www.coker.com.au/russell/ hth > Sincerely, > Dennison Williams > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
