1 |
Had the same problem. Emerge did not clobber the *.te files in |
2 |
/etc/security/selinux/src/policy. It went away after running 'etc-update' |
3 |
and merging the changes. |
4 |
|
5 |
sam |
6 |
|
7 |
-----Original Message----- |
8 |
From: Roel Vromen [mailto:roel@××××××.net] |
9 |
Sent: Friday, April 01, 2005 1:40 AM |
10 |
To: gentoo-hardened@××××××××××××.org |
11 |
Subject: Re: [gentoo-hardened] problem with new policies? |
12 |
|
13 |
On Friday 01 April 2005 01:33, Chris PeBenito wrote: |
14 |
> On Thu, 2005-03-31 at 23:27 +0200, Roel Vromen wrote: |
15 |
> > but that doesn't seem to do anything in my case: |
16 |
> > |
17 |
> > make after make clean still gives a load of messages such as: |
18 |
> > ------- |
19 |
> > #line 18 |
20 |
> > domains/admin.te:18:ERROR 'permission connected_socket_perms is not |
21 |
> > defined forclass tcp_socket' at token ';' on line 4297: |
22 |
> > allow sysadm_mail_t self:tcp_socket connected_socket_perms; |
23 |
> > ------ |
24 |
> |
25 |
> I'm assuming you're using selinux-base-policy-20050322. I doublechecked |
26 |
> the tarball, and it is in macros/core_macros.te. So if its not |
27 |
> existing, then either your policy is broken, or you didn't etc-update. |
28 |
|
29 |
You were so right! The selinux-base-policy was in a series of updates. |
30 |
|
31 |
Probably better if I spot a selinux-base-policy update to do a separate |
32 |
merge |
33 |
(complete with the etc-update) for that one, and only THEN do the emerge -uD |
34 |
|
35 |
world. |
36 |
|
37 |
Thanks for taking the time to answer my question. Very much appreciated. |
38 |
|
39 |
Roel |
40 |
|
41 |
|
42 |
-- |
43 |
gentoo-hardened@g.o mailing list |