Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
On Sat, Apr 14, 2012 at 10:41:48AM -0400, Alain Toussaint wrote:
> In the samba 4 howto, the instructions related to selinux apply to RH and
> when I tried to compile this modules, I had an error because I'm running
> in strict mode and semodule tell me it's an MLS modules. What do I need to
> modify to this module to run it in strict mode?
>
> module samba4 1.0;
>
>
> require {
> type ntpd_t;
> type usr_t;
> type initrc_t;
> class sock_file write;
> class unix_stream_socket connectto;
> }
>
> #============= ntpd_t ==============
> allow ntpd_t usr_t:sock_file write;
>
> #============= ntpd_t ==============
> allow ntpd_t initrc_t:unix_stream_socket connectto;
Doesn't look like an MLS specific module here. Just change the header:
instead of "module samba4 1.0" write "policy_module(samba4, 1.0)" and then
you should be able to build it with:
~# make -f /usr/share/selinux/strict/include/Makefile samba4.pp
~# semodule -i samba4.pp
Perhaps you also have a .fc file that goes with it? If you do, that might
contain some references to sensitivity labels or so that only apply to MLS.
In that case, tell me what the .fc file looks like.
Wkr,
Sven Vermeulen
|
|
