| 1 |
On Sat, Apr 14, 2012 at 10:41:48AM -0400, Alain Toussaint wrote: |
| 2 |
> In the samba 4 howto, the instructions related to selinux apply to RH and |
| 3 |
> when I tried to compile this modules, I had an error because I'm running |
| 4 |
> in strict mode and semodule tell me it's an MLS modules. What do I need to |
| 5 |
> modify to this module to run it in strict mode? |
| 6 |
> |
| 7 |
> module samba4 1.0; |
| 8 |
> |
| 9 |
> |
| 10 |
> require { |
| 11 |
> type ntpd_t; |
| 12 |
> type usr_t; |
| 13 |
> type initrc_t; |
| 14 |
> class sock_file write; |
| 15 |
> class unix_stream_socket connectto; |
| 16 |
> } |
| 17 |
> |
| 18 |
> #============= ntpd_t ============== |
| 19 |
> allow ntpd_t usr_t:sock_file write; |
| 20 |
> |
| 21 |
> #============= ntpd_t ============== |
| 22 |
> allow ntpd_t initrc_t:unix_stream_socket connectto; |
| 23 |
|
| 24 |
Doesn't look like an MLS specific module here. Just change the header: |
| 25 |
instead of "module samba4 1.0" write "policy_module(samba4, 1.0)" and then |
| 26 |
you should be able to build it with: |
| 27 |
|
| 28 |
~# make -f /usr/share/selinux/strict/include/Makefile samba4.pp |
| 29 |
~# semodule -i samba4.pp |
| 30 |
|
| 31 |
Perhaps you also have a .fc file that goes with it? If you do, that might |
| 32 |
contain some references to sensitivity labels or so that only apply to MLS. |
| 33 |
In that case, tell me what the .fc file looks like. |
| 34 |
|
| 35 |
Wkr, |
| 36 |
Sven Vermeulen |
Archives