Hello, I am working on a policy where we want to modularize certain features (management of DHCP, DNS and TFTP services). Since users can turn these features on and off, we would like to introduce SELinux booleans to do the same. Unfortunately when I try to put some macros in the tunable_policy blocks, I get errors: tunable_policy(`foreman_proxy_manage_dhcp', ` dhcpd_admin(foreman_proxy_t, system_r) netutils_exec_ping(foreman_proxy_t) netutils_domtrans_ping(foreman_proxy_t) ') foreman-proxy.te":188:ERROR 'syntax error' at token 'typeattribute' on line 10649: typeattribute foreman_proxy_t initrc_transition_domain; /usr/bin/checkmodule: error(s) encountered while parsing configuration It works just fine without the tunable_policy block. Where's the snag and how can we workaround it? Thanks! -- Later, Lukas #lzap Zapletal -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
