[DSE-Dev] Bug#913987: policycoreutils-python-utils: audit2allow -R cant open "interface info"
Laurent Bigonville
bigon at debian.org
Mon Dec 3 11:34:56 GMT 2018
On Sat, 17 Nov 2018 17:00:30 -0800 Jade McCormick
<jade at cerberus.heptet.us> wrote:
> Dear Maintainer,
>
> audit2allow -R is supposed to generate allow rules that incorporate M4
> interface macros from the reference policy. However, this does not
appear to work
> on debian. When I run audit2allow -b -R, for instance:
>
> could not open interface info [/var/lib/sepolgen/interface_info]
>
> I had to run "sepolgen-ifgen" in order for this command to work.
>
> Is it possible to ship this file in the package, or to run this
command upon
> package installation?
sepolgen-ifgen is called from the postinst script from the
selinux-policy-dev package already.
As you can have multiple policy installed on your system, I'm not too
sure how to handle this as you would need to re-run sepolgen-ifgen
manually when switching policy anyway.
So I would say, if you are using the debian policy everything is already
working automatically, if you are using a custom policy you are on your own.
More information about the SELinux-devel
mailing list