Strict policy on FC6 and F7
Hal
hal_bg at yahoo.com
Wed Aug 8 20:32:13 UTC 2007
Well
I manged to compile the module, but
it does not work for me.
Compiled,loaded,set enforcing and: "authentication failed" again.
I do not know if I am stupid, but I can not get a long with this Selinux...
Does this nodule work for you guys????
hal
--- "Christopher J. PeBenito" <cpebenito at tresys.com> wrote:
> On Wed, 2007-08-08 at 12:39 -0700, Hal wrote:
> > I have tryed with
> > logging_send_audit_msgs(local_login_t)
> >
> > But still:
> > [root at localhost hal]# make -f /usr/share/selinux/devel/Makefile local.pp
> > Compiling strict local module
> > /usr/bin/checkmodule: loading policy configuration from tmp/local.tmp
> > local.te:9:ERROR 'unknown class capability used in rule' at token ';' on
> line
> > 81105:
> > #line 9
> > allow local_login_t self:capability audit_write;
> > /usr/bin/checkmodule: error(s) encountered while parsing configuration
> > make: *** [tmp/local.mod] Error 1
> >
> > I really have no idea what all this means.
> > there is nowhere "allow" in local.te. if it is in this macros at the end...
> > Do I need to install the policy source and edit it?
>
> It is in the interface. You need to change this:
>
> > > > module local 1.0;
>
> to this:
>
> policy_module(local,1.0)
>
> It will automatically require all of the kernel object classes.
>
> --
> Chris PeBenito
> Tresys Technology, LLC
> (410) 290-1411 x150
>
>
____________________________________________________________________________________
Luggage? GPS? Comic books?
Check out fitting gifts for grads at Yahoo! Search
http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
More information about the fedora-selinux-list
mailing list