7a728e46a5
When a user installs a module, the filename is used as the module name. This change was introduced with CIL language where a module name is not stored in the module itself. It means that when a pp module has different filename and stored module name, the filename is used instead of the stored module name. It brings problems with compatibility for scripts and modules which were built and used on older system and were migrated to the new userspace. This patch changes the behavior of semanage_direct_install_file() which is used by 'semodule -i' so that when a module with pp language extension is installed, it tries to get and use a stored module name instead of a filename. A warning message is provided. The warning message in policycoreutils/hll/pp is updated to reflect this change: $ semodule -X 400 -i /root/testfile.pp Warning: SELinux userspace will refer to the module from /root/testfile.pp as testmod rather than testfile $ /usr/libexec/selinux/hll/pp /root/testfile.pp testfile.cil Warning: SELinux userspace will refer to the module from /root/testfile.pp as testmod rather than testfile Signed-off-by: Petr Lautrbach <plautrba@redhat.com> |
||
|---|---|---|
| checkpolicy | ||
| libselinux | ||
| libsemanage | ||
| libsepol | ||
| policycoreutils | ||
| scripts | ||
| secilc | ||
| sepolgen | ||
| .gitignore | ||
| Android.mk | ||
| CleanSpec.mk | ||
| Makefile | ||
| README | ||
README
Please submit all bug reports and patches to selinux@tycho.nsa.gov. Subscribe via selinux-join@tycho.nsa.gov. Build dependencies on Fedora: yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python-devel setools-devel swig ustr-devel xmlto redhat-rpm-config To build and install everything under a private directory, run: make DESTDIR=~/obj install install-pywrap To install as the default system libraries and binaries (overwriting any previously installed ones - dangerous!), on x86_64, run: make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel or on x86 (32-bit), run: make install install-pywrap relabel This may render your system unusable if the upstream SELinux userspace lacks library functions or other dependencies relied upon by your distribution. If it breaks, you get to keep both pieces.