On Fri, Dec 30, 2011 at 10:51:47AM -0800, Tracy Reed wrote:
> email2feedback.te:
>
> policy_module(email2feedback, 1.0.0)
> type email2feedback_t;
> type email2feedback_exec_t;
>
> require {
> type automated_tasks_db_t;
> }
>
> domain_type(email2feedback_t)
> domain_entry_file(email2feedback_t, email2feedback_exec_t)
>
> allow email2feedback_t automated_tasks_db_t:file { read getattr ioctl };
[...]
> # Let it switch from crond_t to email2feedback_t
> ifdef(`crond.te', `
> system_crond_entry(email2feedback_exec_t, email2feedback_t)
> ')
This seems wrong. There's no need for an "ifdef" here.
You probably want something like the following in your .te file:
optional_policy(`
cron_system_entry(email2feedback_t, email2feedback_exec_t)
')
Wkr,
Sven Vermeulen
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
