problems with latest mls policy
Stefan
stefan at sf-net.com
Sun Jul 23 18:30:57 UTC 2006
Hi,
since an update of the mls came out I have a problem loading a policy
which worked correctly before the update.
[data.te]
policy_module(data,1.0.2)
gen_require(`
type user_t, staff_t, smbd_t, snmpd_t;
')
type data_t;
files_type(data_t);
allow user_t data_t:dir { getattr read };
allow user_t data_t:file { getattr read };
allow staff_t data_t:dir { create rmdir rw_dir_perms setattr };
allow staff_t data_t:file { create rename rw_file_perms setattr
unlink };
allow staff_t data_t:lnk_file { create rw_file_perms };
allow smbd_t data_t:dir { add_name create getattr read remove_name
rename rmdir search setattr write };
allow smbd_t data_t:file { create getattr lock read rename setattr
unlink write };
allow snmpd_t data_t:dir getattr;
[data.fc]
/data(/.*)? gen_context(system_u:object_r:data_t,s0)
When I try to load the module (semodule -i data.pp) I get the
following error message:
libsepol.permission_copy_callback: Module data depends on permission
setkeycreate in class process, not satisfied
libsemanage.semanage_link_sandbox: Link packages failed
semodule: Failed!
I don't know what the error has to say. Any suggestions?
ciao, Stefan
PS: rpm -qa selinux-policy-mls
selinux-policy-mls-2.3.2-1.fc5
More information about the fedora-selinux-list
mailing list