Hi, I may be misunderstanding things but I think that a "new" version of checkmodule is able to create policy versions other than "latest". I know that checkpolicy accepts the -c option to create binary policies of older versions. Is there any equivalent for checkmodule? My version of checkmodule (2.0.21 I believe) when run with -V reports that it supports "Module versions 4-10", however I do not see any flags to change the compiled module policy version. When I then try to load the compiled module on CentOS 5.4 with "semodule -i A.pp" it responds with: libsepol.policydb_read: policydb module version 10 does not match my version range 4-6 libsepol.sepol_module_package_read: invalid module in module package (at section 0) libsemanage.semanage_load_module: Error while reading from module file /etc/selinux/clip/modules/tmp/modules/A.pp. semodule: Failed! So it looks like checkmodule should be able to build policy version 6 which is supported by semodule on the CentOS 5.4 side. Am I misunderstanding something? My setup is using Arch Linux as the development machine so I know it isn't really "supported" per se. Thanks, Jason -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
