On Thu, Apr 17, 2008 at 12:15 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
>
> On Thu, 2008-04-17 at 11:33 -0500, Xavier Toth wrote:
> > This te file is not the finally resting place for copy/paste policy
> > simply a convenient place to try out the class.
> >
> > [tedx@comms hack-policy]$ make rebuild
> > rm -f /home/tedx/src2/Linux_i386/OED/policy/hack-policy.pp
> > rm -f *.CKP *.ln *.o core errs ,* *~ .emacs_* tags TAGS make.log *.i
> > if [ ! -d /usr/share/selinux/devel/include/jcdx ]; then \
> > sudo mkdir /usr/share/selinux/devel/include/jcdx; \
> > sudo chmod 777 /usr/share/selinux/devel/include/jcdx; \
> > fi; \
> > cp hack-policy.if /usr/share/selinux/devel/include/jcdx;
> > rm -f /usr/share/selinux/devel/include/jcdx/hack-policy.if
> > make -f /usr/share/selinux/devel/Makefile
> > make[1]: Entering directory `/home/tedx/src2/hack-policy'
> > Compiling mls hack-policy module
> > /usr/bin/checkmodule: loading policy configuration from tmp/hack-policy.tmp
> > hack-policy.te":30:ERROR 'unknown class x_application_data used in
> > rule' at token ';' on line 3343:
> > allow x_rootwindow_t self:x_application_data paste_without_confirm;
> > ;
> > /usr/bin/checkmodule: error(s) encountered while parsing configuration
> > make[1]: *** [tmp/hack-policy.mod] Error 1
> > make[1]: Leaving directory `/home/tedx/src2/hack-policy'
> > make: *** [progs] Error 2
>
> You need a
> require {
> class x_application_data { paste_without_confirm };
> }
> statement in your module or one of the interfaces it uses.
>
> policy_module() only automatically imports requires for the kernel
> classes and perms, I think.
>
>
> --
>
>
> Stephen Smalley
> National Security Agency
>
>
That did it, thanks.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
