problems with latest mls policy
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 24 17:08:10 UTC 2006
Stefan wrote:
> Hi,
>
> since an update of the mls came out I have a problem loading a policy
> which worked correctly before the update.
>
> [data.te]
> policy_module(data,1.0.2)
>
> gen_require(`
> type user_t, staff_t, smbd_t, snmpd_t;
> ')
>
> type data_t;
> files_type(data_t);
>
> allow user_t data_t:dir { getattr read };
> allow user_t data_t:file { getattr read };
> allow staff_t data_t:dir { create rmdir rw_dir_perms setattr };
> allow staff_t data_t:file { create rename rw_file_perms setattr unlink };
> allow staff_t data_t:lnk_file { create rw_file_perms };
>
> allow smbd_t data_t:dir { add_name create getattr read remove_name
> rename rmdir search setattr write };
> allow smbd_t data_t:file { create getattr lock read rename setattr
> unlink write };
>
> allow snmpd_t data_t:dir getattr;
>
> [data.fc]
> /data(/.*)? gen_context(system_u:object_r:data_t,s0)
>
> When I try to load the module (semodule -i data.pp) I get the
> following error message:
> libsepol.permission_copy_callback: Module data depends on permission
> setkeycreate in class process, not satisfied
> libsemanage.semanage_link_sandbox: Link packages failed
> semodule: Failed!
>
Did you recompile your policy package?
> I don't know what the error has to say. Any suggestions?
>
> ciao, Stefan
>
> PS: rpm -qa selinux-policy-mls
> selinux-policy-mls-2.3.2-1.fc5
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
More information about the fedora-selinux-list
mailing list