OK, I got the base policy compiled and installed, and now trying to add
a policy that uses one of its interfaces:
-----
policy_module(bypass,1.0.0)
# bypass.validate process type
type bypass_t;
# bypass.validate executable file type
type bypass_exec_t;
# when bypass.validate is run from apache, transition to
# the bypass_t execution domain
apache_cgi_domain(bypass_t, bypass_exec_t)
# allow bypass.validate to run ifconfig,
can_exec(bypass_t, ifconfig_exec_t)
peak_read_config_files(bypass_t)
-----
The problem is I get a syntax error on the interface call
"peak_read_config_files" - it appears that it doesn't know it exists. I
did install it with "semodule -i peak_files.pp". I'm not sure what I
need to do to reference it...
Attachments:
- smime.p7s
(application/pkcs7-signature — 6.1 KB)