circular policy references generated by sepolgen
Michael Atighetchi
matighet at bbn.com
Tue Jan 10 21:59:03 UTC 2012
All,
I have a number of custom policies that I developed on a Fedora 14
system by using sepolgen and iterating over the policies up to a point
where they are violation free.
When trying to install those policies on another system, I've run into a
circular dependency issue. No matter what order I call the 6 .sh
scripts created by sepolgen, I always end up with missing required
types, e.g.,:
----
[proxyuser at lime selinux]$ sudo ./CZwd.sh
Building and Loading Policy
+ make -f /usr/share/selinux/devel/Makefile
make: Nothing to be done for `all'.
+ /usr/sbin/semodule -i CZwd.pp
libsepol.print_missing_requirements: CZwd's global requirements were not
met: type/attribute CZfwa_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or
directory).
/usr/sbin/semodule: Failed!
----
Presumably, one can break these cycles by defining all required types first.
Is there a manual way to do this using the SELinux tools?
Thanks
Michael
--
Michael Atighetchi
Senior Scientist
Raytheon BBN Technologies
617-873-1679
matighet at bbn.com
More information about the selinux
mailing list