Hi, I was updating a policy because I had to add some permissions.
So, I added number in .te file and successfully upgraded mypolicy.
semodule -u mypolicy.pp
5 minutes later, I found another permission should have been added to mypolicy.pp so I added it and .te number remains the same.
Yes, I should have added permissions at one time and make no haste.
But, isn't it convenient to add --force option to semodule ? Now, if the number is the same, I get this error.
[root@localhost xx]# semodule -u mypolicy.pp libsemanage.get_direct_upgrade_filename: Previous module mypolicy is same or newer. (No such file or directory).
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
semodule -i mypolicy.pp
is equivalent to
semodule -u --force mypolicy.pp
On 03/14/2014 10:07 PM, Shintaro Fujiwara wrote:
Hi, I was updating a policy because I had to add some permissions.
So, I added number in .te file and successfully upgraded mypolicy.
semodule -u mypolicy.pp
5 minutes later, I found another permission should have been added to mypolicy.pp so I added it and .te number remains the same.
Yes, I should have added permissions at one time and make no haste.
But, isn't it convenient to add --force option to semodule ? Now, if the number is the same, I get this error.
[root@localhost xx]# semodule -u mypolicy.pp libsemanage.get_direct_upgrade_filename: Previous module mypolicy is same or newer. (No such file or directory).
-- 日本にヘヴィメタル・ハードロックを根付かせるページ http://heavymetalhardrock.no-ip.info/ http://www.heavymetalhardrock.tk/
世界中でセキュアOSのSELinuxを使いやすくするフリーソフト http://sourceforge.net/projects/segatex/
CMS(PHPとPostgreSQLを使ったフリーソフト) http://sourceforge.net/projects/webon/
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
I understand, thanks.
2014-03-15 19:04 GMT+09:00 Daniel J Walsh dwalsh@redhat.com:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
semodule -i mypolicy.pp
is equivalent to
semodule -u --force mypolicy.pp
On 03/14/2014 10:07 PM, Shintaro Fujiwara wrote:
Hi, I was updating a policy because I had to add some permissions.
So, I added number in .te file and successfully upgraded mypolicy.
semodule -u mypolicy.pp
5 minutes later, I found another permission should have been added to mypolicy.pp so I added it and .te number remains the same.
Yes, I should have added permissions at one time and make no haste.
But, isn't it convenient to add --force option to semodule ? Now, if the number is the same, I get this error.
[root@localhost xx]# semodule -u mypolicy.pp libsemanage.get_direct_upgrade_filename: Previous module mypolicy is same or newer. (No such file or directory).
-- 日本にヘヴィメタル・ハードロックを根付かせるページ http://heavymetalhardrock.no-ip.info/ http://www.heavymetalhardrock.tk/
世界中でセキュアOSのSELinuxを使いやすくするフリーソフト
http://sourceforge.net/projects/segatex/
CMS(PHPとPostgreSQLを使ったフリーソフト) http://sourceforge.net/projects/webon/
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlMkJZsACgkQrlYvE4MpobNNswCdEduTFcji/0kftHtI0ccjNmhB 5jgAoIn1p6MB6o70t+M2NXS9HyuS8Fa2 =2HR1 -----END PGP SIGNATURE-----
selinux@lists.fedoraproject.org
-
Daniel J Walsh -
Shintaro Fujiwara