On Friday 30 November 2007 2:06:10 pm Paul Moore wrote:
> On Friday 30 November 2007 12:34:20 pm Todd C. Miller wrote:
> > I see what happened. When generating the patch I did an svn revert not
> > realizing that of course it wouldn't revert a new file it knew nothing
> > about. So effectively the new files were duplicated--one copy in the
> > patch and one on the filesystem.
> >
> > Here's a fixed diff that applies to a fresh checkout.
>
> Thanks, that applied without problem.

Probably user error on my end but I'm running into problems trying to make
use of the new code. Here is what I did, please point out if I'm missing
something ...

1. Compiled the new bits

2. Replaced checkmodule, checkpolicy, load_policy, libsepol and libsemanage
   with the patched versions (wasn't really sure what needed to be replaced,
   do I need any others?)

3. Created a simple policy module (did I get the syntax for the policycap
   right? ... it's been a while since I looked at lex/yacc code):

     policy_module(peer_test,0.0.1)

     policycap network_peer_controls;

     type peer_test_t;

4. Compiled the new module using the unmodified policy Makefile from Rawhide

     Compiling targeted peer_test module
     /usr/bin/checkmodule: loading policy configuration from tmp/peer_test.tmp
     /usr/bin/checkmodule: policy configuration loaded
     /usr/bin/checkmodule: writing binary representation (version 7) to tmp/peer_test.mod
     Creating targeted peer_test.pp policy package

5. Tried installing the module

     /usr/sbin/load_policy: Can't load policy: Invalid argument
     libsemanage.semanage_reload_policy: load_policy returned error code 2.
     semodule: Failed!

Help/Ideas?

--
paul moore
linux security @ hp