>So that's the problem - you didn't install it? Or you didn't include it
>in your base?
No.I didn't installed it,neither did anything to include it in base.Actually i m not aware what this module is required for.Previouly while inserting any module didn't got this erorr.
>I think we'd have to see your module .te file
This is my .te file
policy_module(dbus_exe,1.0.0)
########################################
#
# Declarations
#
require{
type system_dbusd_t;
class dbus acquire_svc;
class dbus send_msg;
class gconf set_value;
}
#
# Declarations
#
require{
type system_dbusd_t;
class dbus acquire_svc;
class dbus send_msg;
class gconf set_value;
}
type dbus_exe_t;
type dbus_exe_exec_t;
domain_type(dbus_exe_t)
init_daemon_domain(dbus_exe_t, dbus_exe_exec_t)
type dbus_exe_exec_t;
domain_type(dbus_exe_t)
init_daemon_domain(dbus_exe_t, dbus_exe_exec_t)
domtrans_pattern(unconfined_t,dbus_exe_exec_t,dbus_exe_t)
role unconfined_r types dbus_exe_t;
########################################
#
# dbus_exe local policy
#
# Check in /etc/selinux/refpolicy/include for macros to use instead of allow rules.
# Some common macros (you might be able to remove some)
files_read_etc_files(dbus_exe_t)
libs_use_ld_so(dbus_exe_t)
libs_use_shared_libs(dbus_exe_t)
miscfiles_read_localization(dbus_exe_t)
dbus_system_bus_client_template(dbus_exe,dbus_exe_t)
## internal communication is often done using fifo and unix sockets.
allow dbus_exe_t self:fifo_file { read write };
allow dbus_exe_t self:unix_stream_socket create_stream_socket_perms;
allow dbus_exe_t system_dbusd_t:dbus { send_msg };
allow dbus_exe_t self:dbus {acquire_svc send_msg};
allow dbus_exe_t self:chr_file {getattr read write};
allow dbus_exe_t devpts_t:chr_file {getattr read write};
allow dbus_exe_t self:process {signal};
role unconfined_r types dbus_exe_t;
########################################
#
# dbus_exe local policy
#
# Check in /etc/selinux/refpolicy/include for macros to use instead of allow rules.
# Some common macros (you might be able to remove some)
files_read_etc_files(dbus_exe_t)
libs_use_ld_so(dbus_exe_t)
libs_use_shared_libs(dbus_exe_t)
miscfiles_read_localization(dbus_exe_t)
dbus_system_bus_client_template(dbus_exe,dbus_exe_t)
## internal communication is often done using fifo and unix sockets.
allow dbus_exe_t self:fifo_file { read write };
allow dbus_exe_t self:unix_stream_socket create_stream_socket_perms;
allow dbus_exe_t system_dbusd_t:dbus { send_msg };
allow dbus_exe_t self:dbus {acquire_svc send_msg};
allow dbus_exe_t self:chr_file {getattr read write};
allow dbus_exe_t devpts_t:chr_file {getattr read write};
allow dbus_exe_t self:process {signal};
On Fri, Aug 29, 2008 at 6:52 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
So your module has a require on that type (presumably by using an
On Fri, 2008-08-29 at 16:03 +0530, shaunak saha wrote:
> Hi all,
>
> When i m trying to install a module using semodule -i <name of the
> module> i m geting the following error:
>
> libsepol.print_missing_requirements: dbus_rpc_example_server's global
> requirements were not met: type/attribute resmgrd_var_run_t
interface that depends on it), and you don't have that type defined in
your policy.
So that's the problem - you didn't install it? Or you didn't include it
> libsemanage.semanage_link_sandbox: Link packages failed
> semodule: Failed!
>
> Also when i do "semodule -l" i could not see any module resmgr.
in your base?
I think we'd have to see your module .te file.
> I m actually trying to insert a new class gconf (making gconf-daemon
> an userspace object manager).
> For this i have downloaded the refpolicy
>
> refpolicy-20080702.tar.bz2 from
> http://oss.tresys.com/projects/refpolicy/wiki/DownloadRelease and
> installed it.
>
> Then from /etc/selinux/refpolicy/src/policy/policy/flask directory i
> m editing the security_classes and access_vectors files to add my new
> gconf class and permissions, then rebuilding and installing the
> policy.
> The whenever i m giving the class gconf in my module .te file and
> trying to install it i m getting this error.I guess i m missing
> something.PLease help.
And maybe your modules.conf.
--
Stephen Smalley
National Security Agency
