Is there a way to use newer SELinux interface calls, but still compile on machines that don't have them.
Miroslav Grepl
mgrepl at redhat.com
Thu Mar 6 07:57:27 UTC 2014
On 03/05/2014 10:35 PM, Jayson Hurst wrote:
> I want to use the kerberos_read_home_content interface method, but it
> seems to be a newer method that doesn't exist on RHEL 6.0, but it does
> on RHEL 6.5. Is there a way to build a single policy that will take
> advantage of this call if its there, but not fail to compile/install
> if it is not?
Yes,
you want to use "optional_policy" block .
http://mgrepl.wordpress.com/2012/03/23/when-should-you-use-the-optional_policy-block-statement/
More information about the selinux
mailing list