On 14/06/2016, 10:38 PM, "Simon Sekidde" <ssekidde@xxxxxxxxxx> wrote:
>----- Original Message -----
>> From: "Douglas Brown" <doug.brown@xxxxxxxxxx>
>> To: "SELinux Fedora List" <selinux@xxxxxxxxxxxxxxxxxxxxxxx>
>> Sent: Monday, June 13, 2016 8:52:40 PM
>> Subject: RHEL 7 shutdown_run interface
>>
>> Hi all,
>>
>> In the process of porting policies from RHEL 6 to 7, I’m having an issue with
>> the shutdown_run interface.
>>
>> The trivial te file below compiles and loads fine on RHEL 6.7:
>>
>> policy_module(test, 0.1)
>>
>> require {
>> role staff_r;
>> type staff_t;
>> }
>>
>> shutdown_run(staff_t, staff_r)
>>
>> However, there appears to be a bug in RHEL 7.2, because loading with semodule
>> gives the error: "libsepol.print_missing_requirements: test's global
>> requirements were not met: role shutdown_roles (No such file or directory)"
>>
>
>I believe you also need shutdown_role(staff_r,staff_t) for this to compile
Thanks Simon, you’re right, shutdown_role is the right way to go, but it produced the same error when trying to load.
Cheers,
Doug
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx
