On Thu, May 28, 2020 at 10:52 AM Christian Göttsche <cgzones@xxxxxxxxxxxxxx> wrote: > > Am Do., 28. Mai 2020 um 16:23 Uhr schrieb Stephen Smalley > <stephen.smalley.work@xxxxxxxxx>: > > Looks like you need to also support the case where no quoting is > > performed. Otherwise, I still see syntax errors, e.g. > > /usr/share/selinux/refpolicy/include/services/apache.if: Syntax error > > on line 35 allow_httpd_$1_script_anon_write [type=IDENTIFIER] > > > > 35: gen_tunable(allow_httpd_$1_script_anon_write, false) > > I tried to avoid that by modifying Refpolicy[1], but I can include the > additional grammar. > > > [1]: https://github.com/SELinuxProject/refpolicy/pull/201 Looks like your refpolicy pull request was merged so I guess we can take this one as is if we don't care about fixing it for older refpolicy versions. The third patch in the series still needs to be reworked or dropped I think as per my comments there. Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
