Strict policy on FC6 and F7

Hal hal_bg at yahoo.com
Wed Aug 8 20:32:13 UTC 2007


Well
I manged to compile the module, but
it does not work for me. 
Compiled,loaded,set enforcing and: "authentication failed" again.

I do not know if I am stupid, but I can not get a long with this Selinux... 

Does this nodule work for you guys????

hal

--- "Christopher J. PeBenito" <cpebenito at tresys.com> wrote:

> On Wed, 2007-08-08 at 12:39 -0700, Hal wrote:
> > I have tryed with
> > logging_send_audit_msgs(local_login_t)
> > 
> > But still:
> > [root at localhost hal]# make -f /usr/share/selinux/devel/Makefile local.pp
> > Compiling strict local module
> > /usr/bin/checkmodule:  loading policy configuration from tmp/local.tmp
> > local.te:9:ERROR 'unknown class capability used in rule' at token ';' on
> line
> > 81105:
> > #line 9
> >         allow local_login_t self:capability audit_write;
> > /usr/bin/checkmodule:  error(s) encountered while parsing configuration
> > make: *** [tmp/local.mod] Error 1
> > 
> > I really have no idea what all this means.
> > there is nowhere "allow" in local.te. if it is in this macros at the end...
> > Do I need to install the policy source and edit it?
> 
> It is in the interface.  You need to change this:
> 
> > > > module local 1.0;
> 
> to this:
> 
> policy_module(local,1.0)
> 
> It will automatically require all of the kernel object classes.
> 
> -- 
> Chris PeBenito
> Tresys Technology, LLC
> (410) 290-1411 x150
> 
> 



      ____________________________________________________________________________________
Luggage? GPS? Comic books? 
Check out fitting gifts for grads at Yahoo! Search
http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz




More information about the selinux mailing list