Trouble with module

Pierre JUHEN pierre.juhen at wanadoo.fr
Fri Oct 6 07:11:49 UTC 2006 

No, I didn't skip the middle step.

I have turned around this problem for days, googleized a lot,
I didnt find a clue.

Why is semodule looking in a inexistant directory ?

I suspect a configuration problem, but where ?????

> Message du 06/10/06 04:28
> De : "Joshua Brindle" <method at gentoo.org>
> A : "Pierre JUHEN" <pierre.juhen at wanadoo.fr>
> Copie à : fedora-selinux-list at redhat.com
> Objet : Re: Trouble with module
> 
> Pierre JUHEN wrote:
> > To correct error messages appearing in the audit.log, I ran the 
> > procedure described in the audit2allow manual page.
> >
> > Here is the .te file :
> >
> > module local 1.0;
> >
> > require {
> >    class dir search;
> >    class fd use;
> >    class fifo_file write;
> >    class file { read write };
> >    class netlink_route_socket create;
> >    class unix_stream_socket { read write };
> >    type apmd_log_t;
> >    type cupsd_config_t;
> >    type cupsd_t;
> >    type dovecot_auth_t;
> >    type dovecot_t;
> >    type etc_mail_t;
> >    type etc_runtime_t;
> >    type hald_t;
> >    type home_root_t;
> >    type hostname_t;
> >    type restorecon_t;
> >    type semanage_t;
> >    type unconfined_t;
> >    type user_home_dir_t;
> >    type usr_t;
> >    type xdm_t;
> >    role system_r;
> > };
> >
> > allow cupsd_config_t apmd_log_t:file { read write };
> > allow cupsd_t apmd_log_t:file { read write };
> > allow dovecot_auth_t self:netlink_route_socket create;
> > allow dovecot_t etc_runtime_t:file read;
> > allow dovecot_t unconfined_t:fifo_file write;
> > allow dovecot_t xdm_t:fd use;
> > allow hald_t home_root_t:dir search;
> > allow hostname_t etc_mail_t:file read;
> > allow hostname_t unconfined_t:fifo_file write;
> > allow hostname_t usr_t:file read;
> > allow hostname_t xdm_t:fd use;
> > allow restorecon_t xdm_t:fd use;
> > allow semanage_t unconfined_t:unix_stream_socket { read write };
> > allow semanage_t user_home_dir_t:dir search;
> >
> > When I try to load the module using "semodule -i local.pp"
> >
> > Iget :
> >
> > libsepol.module_package_read_offsets: wrong magic number for module 
> > package:  expected 4185718671, got 4185718669
> > libsemanage.semanage_load_module: Error while reading from module 
> > file/etc/ selinux/targeted/modules/tmp/modules/toto.mod.
> >
> did you build a policy package correctly using the following commands:
> 
> checkmodule -M -m local.te -o local.mod
> semodule_package -m local.mod -o local.pp
> semodule -i local.pp
> 
> 
> it looks like you probably skipped the middle step..
> 
>

More information about the fedora-selinux-list mailing list