Re: using an interface defined in another loaded module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Gary,

Thanks a zillion times for your help, the building of the policy works fine now that I have copied the .if file of the submodule to the directory you mentioned!
I did not know I was reqired to copy the module's interface file to SELinux's include dirs to make it available for other modules to use.

BTW, I was building my module from within my "policy builder and installer" script using the "traditional" way of:
# make -f /usr/share/selinux/devel/Makefile A.pp

Now the build process works, thanks to your suggestion!

Best Regards,
János
--
Janos SZIGETVARI
RHCE, License no. 150-053-692

LinkedIn: linkedin.com/in/janosszigetvari
E-mail: janos@szigetvari.com, jszigetvari@gmail.com
Phone: +36209440412 (Hungary)

__@__˚V˚
Make the switch to open (source) applications, protocols, formats now:
- windows -> Linux, iexplore -> Firefox, msoffice -> LibreOffice
- msn -> jabber protocol (Pidgin, Google Talk)
- mp3 -> ogg, wmv -> ogg, jpg -> png, doc/xls/ppt -> odt/ods/odp


Gary Tierney <gary.tierney@xxxxxxx> ezt írta (időpont: 2019. ápr. 3., Sze, 17:14):
On Wed, Apr 03, 2019 at 10:34:08AM +0200, SZIGETVÁRI János wrote:
>Could anyone please give me some insight on this?
>
>Thanks a lot!
>

Hi,

How are you building and installing your policy modules? The interface
definitions (.if files) aren't preserved in the compiled policy package,
so are typically kept elsewhere. On Fedora this is under
/usr/share/selinux/devel/include and its associated subdirectories
(which are recursively walked to find .if files when building policy
using the refpolicy framework, i.e., the selinux-policy-devel package).

So it should be as simple as copying your .if files to:
/usr/share/selinux/devel/include (though the "services" subdir is likely
more appropriate).

Thanks,
Gary.

>Best Regards,
>János Szigetvári
>
>SZIGETVÁRI János <jszigetvari@xxxxxxxxx> ezt írta (időpont: 2019. márc.
>31., V, 13:47):
>
>> ... snip ...
>_______________________________________________
>selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
>To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
>Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
>List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux