FTR https://bugzilla.redhat.com/show_bug.cgi?id=1311922
On 02/24/2016 05:02 PM, Miroslav Vadkerti wrote:
Hi,
In Fedora 23 the policy_module declaration is ignored and the policy module name is taken from the module filename. This can cause confusion for the users in some cases (same policy module declared in different files).
# cat test_noaccess.te policy_module(policy_tools_test, 1.0) [snip]
# make -f /usr/share/selinux/devel/Makefile Compiling mls test_noaccess module /usr/bin/checkmodule: loading policy configuration from tmp/test_noaccess.tmp /usr/bin/checkmodule: policy configuration loaded /usr/bin/checkmodule: writing binary representation (version 17) to tmp/test_noaccess.mod Creating mls test_noaccess.pp policy package rm tmp/test_noaccess.mod.fc tmp/test_noaccess.mod
# semodule -i test_noaccess.pp | grep noaccess test_noaccess
If the policy_module is now being ignored, could the policy module "compilation" print a warning about that? Or, maybe better, to generate the module name according to the policy_module specification so we do not regress in the behavior?
Thanks and best regards, /M
-- selinux mailing list selinux@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/selinux@lists.fedoraproject.org