From: rfkrocktk@gmail.com (Naftuli Kay)
Date: Tue, 17 Jan 2017 10:21:09 -0800
Subject: [refpolicy] Install Directory for Reference Policy?
In-Reply-To: <CAPTk+sYSDOG=57k+iEjJ8N-TGT+3YZ0+CyOFwD0igO=FBJghLw@mail.gmail.com>
References: <CAPTk+sbeKBw0OBk1qXFkeA-JEDHo69HZdnM7mPFyjY125iO+vw@mail.gmail.com>
	<8978CC35-BED8-451C-BB84-F2335A256ADE@chaschperli.ch>
	<CAPTk+sYSDOG=57k+iEjJ8N-TGT+3YZ0+CyOFwD0igO=FBJghLw@mail.gmail.com>
Message-ID: <CAPTk+sajG9T64fDRSe9G9WVyPOSQz9mYWfcFWa4NrL=nqmKGTw@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

I have followed the given instructions and I still don't have my
policy installed in the right place:

cd /etc/selinux/refpolicy/src/policy
make clean
make bare
make conf
make install

Compare output of tree -L 2 /etc/selinux/default: http://pastebin.com/vwtbrjfY

with output of tree -L 2 /etc/selinux/refpolicy: http://pastebin.com/aDUCEzq0
Thanks,
 - Naftuli Kay


On Tue, Jan 17, 2017 at 10:09 AM, Naftuli Kay <rfkrocktk@gmail.com> wrote:
> I have not, I was unfortunately not aware of it. Following instructions now.
> Thanks,
>  - Naftuli Kay
>
>
> On Mon, Jan 16, 2017 at 9:05 PM, Thomas <thomas@chaschperli.ch> wrote:
>> Did you follow the guide?
>> https://github.com/TresysTechnology/refpolicy/wiki/UseRefpolicy
>>
>> And i think semanage requires the -S switch to operate on a non loaded
>> policy store:
>>
>> -S, --store
>> Select and alternate SELinux store to manage
>>
>> -thomas
>>
>> Am 17. Januar 2017 05:24:40 MEZ schrieb Naftuli Kay via refpolicy
>> <refpolicy@oss.tresys.com>:
>>>
>>> I'm on Ubuntu 16.04 and I've just compiled the reference policy via:
>>>
>>> git clone https://github.com/TresysTechnology/refpolicy.git
>>> cd refpolicy
>>> git submodule init
>>> git submodule update
>>> git checkout RELEASE_2_20161023
>>> ( cd policy/modules/contrib && git checkout RELEASE_2_20161023 )
>>> make conf
>>> make install
>>>
>>> My build.conf looks like this:
>>>
>>> TYPE = standard
>>> NAME = refpolicy
>>> DISTRO = debian
>>> UNK_PERMS = deny
>>> DIRECT_INITRC = n
>>> SYSTEMD = y
>>> MONOLITHIC = n
>>> UBAC = y
>>> CUSTOM_BUILDOPT =
>>> MLS_SENS = 16
>>> MLS_CATS = 1024
>>> MCS_CATS = 1024
>>> QUIET = n
>>>
>>> Pretty normal stuff.
>>>
>>> Unfortunately, though it properly loads at the time of "make install,"
>>> it isn't installed into the expected directory by my distro.
>>> Apparently, Ubuntu wants the binary files to be located at
>>> /etc/selinux/$NAME. The upstream "selinux-policy-default" package
>>> installs its dependencies to /etc/selinux/default and its contents can
>>> be viewed here: http://pastebin.com/8fXvdFUA
>>>
>>> Is there a variable I need to set to have the reference policy install
>>> itself/copy its files following this pattern to
>>> /etc/selinux/refpolicy?
>>> ________________________________
>>>
>>> refpolicy mailing list
>>> refpolicy at oss.tresys.com
>>> http://oss.tresys.com/mailman/listinfo/refpolicy