[RFC] Adding --force option to semodule

Shintaro Fujiwara shintaro.fujiwara at gmail.com
Sat Mar 15 10:09:13 UTC 2014 

I understand, thanks.


2014-03-15 19:04 GMT+09:00 Daniel J Walsh <dwalsh at redhat.com>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> semodule -i mypolicy.pp
>
> is equivalent to
>
> semodule -u --force mypolicy.pp
>
> On 03/14/2014 10:07 PM, Shintaro Fujiwara wrote:
> > Hi, I was updating a policy because I had to add some permissions.
> >
> > So, I added number in .te file and successfully upgraded mypolicy.
> >
> > semodule -u mypolicy.pp
> >
> > 5 minutes later, I found another permission should have been added to
> > mypolicy.pp so I added it and .te number remains the same.
> >
> > Yes, I should have added permissions at one time and make no haste.
> >
> > But, isn't it convenient to add --force option to semodule ? Now, if the
> > number is the same, I get this error.
> >
> > [root at localhost xx]# semodule -u mypolicy.pp
> > libsemanage.get_direct_upgrade_filename: Previous module mypolicy is same
> > or newer. (No such file or directory).
> >
> >
> >
> >
> >
> >
> > -- 日本にヘヴィメタル・ハードロックを根付かせるページ http://heavymetalhardrock.no-ip.info/
> > <http://www.heavymetalhardrock.tk/>
> >
> > 世界中でセキュアOSのSELinuxを使いやすくするフリーソフト
> http://sourceforge.net/projects/segatex/
> >
> > CMS(PHPとPostgreSQLを使ったフリーソフト) http://sourceforge.net/projects/webon/
> >
> >
> > -- selinux mailing list selinux at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlMkJZsACgkQrlYvE4MpobNNswCdEduTFcji/0kftHtI0ccjNmhB
> 5jgAoIn1p6MB6o70t+M2NXS9HyuS8Fa2
> =2HR1
> -----END PGP SIGNATURE-----
>



-- 
日本にヘヴィメタル・ハードロックを根付かせるページ
http://heavymetalhardrock.no-ip.info/ <http://www.heavymetalhardrock.tk/>

世界中でセキュアOSのSELinuxを使いやすくするフリーソフト
http://sourceforge.net/projects/segatex/

CMS(PHPとPostgreSQLを使ったフリーソフト)
http://sourceforge.net/projects/webon/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20140315/cfd700c8/attachment.html>

More information about the selinux mailing list