[redhat-lspp] LSPP Development Telecon 11/28/2005 Minutes
Stephen Smalley
sds at tycho.nsa.gov
Thu Dec 1 15:27:50 UTC 2005
On Wed, 2005-11-30 at 10:31 -0500, Stephen Smalley wrote:
> On Tue, 2005-11-29 at 09:31 -0500, Stephen Smalley wrote:
> > On Tue, 2005-11-29 at 07:55 -0600, George Wilson wrote:
> > > Need to analyze NSA SELinux tescases and rebase to reference policy if
> > > necessary.
> > > Should be the same but may not.
> > > Joy to look at.
> > > Red Hat QA is running LTP version of SELinux testcases.
> >
> > The obvious major issue with the testsuite is that the testsuite policy.
> > The two problem areas will be:
> > a) testsuite policy is currently copied into the policy source tree
> > followed by a make load, so it needs to be converted to build a policy
> > module instead and install it via semodule,
>
> On this point, Dan has already extended audit2allow to generate requires
> statements when generating allow rules from audit messages, so it should
> be possible to also have it (or another script) generate such requires
> statements for an existing .te file. That would ease conversion of the
> testsuite policy over to module form.
Note: Dan has extended audit2allow to support such generation, so it
should be possible to apply this to the testsuite policy to convert it.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list