|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
On 06/30/2009 04:41 PM, Rob Crittenden wrote:
RIght I think you would need to build on F9 for support on F11 not the other way around. Just like you would do with shared libraries. You would not expect an c executable built on F11 to run on F9?Daniel J Walsh wrote:On 06/30/2009 10:08 AM, Rob Crittenden wrote:In the freeIPA project we have our own SELinux policy. We support RHEL 5 up through Fedora Rawhide. With Fedora 11 we saw some problems compiling our SELinux module which Dan Walsh provided a patch for. I haven't tried this on older releases yet but I'm guessing it won't work as expected (some policies seem to have been renamed, such as corenet_non_ipsec_sendrecv() -> corenet_all_recvfrom_unlabeled() My question is, how can we handle this in our source tree? Are we going to need to maintain per-release policies or does SELinux support some sort of versioning conditionals? thanks rob ------------------------------------------------------------------------ -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-listThe old interface will work, it just reports a nasty warning message when you compile it against newer policy. So I think you are safe compiling it on RHEL5 and installing it on F10/F11.We compile it on the given platform so we need some way to support all at once. For example, the code that builds fine on F-11 fails like this on F-9: Compiling targeted ipa_webgui module /usr/bin/checkmodule: loading policy configuration from tmp/ipa_webgui.tmp ipa_webgui.te":77:ERROR 'syntax error' at token 'userdom_dontaudit_search_admin_dir' on line 10764: userdom_dontaudit_search_admin_dir(ipa_webgui_t) The diff between F-11 and F-9 being: -userdom_dontaudit_search_sysadm_home_dirs(ipa_webgui_t) +userdom_dontaudit_search_admin_dir(ipa_webgui_t) rob ------------------------------------------------------------------------ -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Home] [Fedora Users] [Fedora Legacy] [Fedora Desktop] [Fedora Bible] [Big List of Linux Books] [Yosemite Photos] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]
