I have a policy module that consists of a .te and an .fc file. I would like to add a "portcon" rule to this module, which (AFAIK) can only be done in CIL "format." What I've got today is: 1. Build a "traditional" .pp file (make -f /usr/share/selinux/devel/Makefile). 2. Use /usr/libexec/selinux/hll/pp to convert the .pp file to a .cil file. 3. Add the port context rule to the .cil file. Is this the best/only way to do this? Thanks! -- ======================================================================== Ian Pilcher arequipeno@xxxxxxxxx -------- "I grew up before Mark Zuckerberg invented friendship" -------- ========================================================================
