-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Christoph Höger wrote:
> Hi,
> when I tried to build a custom SELinux module, this
strange behavior
> occured:
> when I used:
> libs_read_lib_files(tomcat5_t)
> I got "read" denied source: tomcat5_t target:
lib_t
> but using
> require {
> type lib_t;
> type tomcat5_t;
> class file read;
> }
> allow tomcat5_t lib_t:file read;
> worked fine. Although this should essentially be the
same in my
> understanding.
> Any explanations for that?
> regards
> christoph
Please attach the compilation errors.
tomcat5_t is marked as a domain_type?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iEYEARECAAYFAkd5U44ACgkQrlYvE4MpobP9egCdG+J82YNQyTFNSKnh7uyku4Aa
iAgAoKR7A+DEWGIFNJV+48MPt+BlxIyr
=wOR2
-----END PGP SIGNATURE-----
Hi,
there were no compilation errors, but I think it had to do with
libs_use_lib_files with is deprecated. I have no problems since I use
libs_use_shared_libs().
You can see the complete .te file on the selinux list, which I
discovered after I posted the first message (sorry for that).
thank you
christoph