-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/10/2012 04:59 PM, Michael Atighetchi wrote: > All, > > I have a number of custom policies that I developed on a Fedora 14 > system by using sepolgen and iterating over the policies up to a > point where they are violation free. > > When trying to install those policies on another system, I've run > into a circular dependency issue. No matter what order I call the > 6 .sh scripts created by sepolgen, I always end up with missing > required types, e.g.,: > > ---- [proxyuser@lime selinux]$ sudo ./CZwd.sh Building and Loading > Policy + make -f /usr/share/selinux/devel/Makefile make: Nothing to > be done for `all'. + /usr/sbin/semodule -i CZwd.pp > libsepol.print_missing_requirements: CZwd's global requirements > were not met: type/attribute CZfwa_t (No such file or directory). > libsemanage.semanage_link_sandbox: Link packages failed (No such > file or directory). /usr/sbin/semodule: Failed! ---- > > Presumably, one can break these cycles by defining all required > types first. Is there a manual way to do this using the SELinux > tools? > > Thanks Michael > > Without seeing the policy I would figure you did not define CZfwa_t within this module but used without out a optional_policy block around it. You have a couple of choices either add the optional_policy block or install both pp files with the same semodule command. semodule -i CZwd.pp CZfwa.pp -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8NjbAACgkQrlYvE4MpobOKeQCeOZdRV0yyTzrP8ZuHNl0YjBmq qRQAnjtmVaDpe9V4bJObY9fP+T+V2kvy =SKZ4 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
