Currently we have a standard practice (as implemented in about 99% of all
modules) of having the name passed to the policy_module() macro be the same
as the basename of the policy source file used minus the ".te" extension.
For example the file policy/modules/system/getty.te
contains "policy_module(getty,1.6.0)".
We currently have some exceptions to this rule, iscsi.te (module name iscsid),
and audioentropy.te (module name audio_entropy).
It seems to me that having the build system permit this (as is currently the
case) is just asking for trouble. It allows the creation of a policy whereby
it can be unreasonably difficult for a human (and impossible for a script) to
determine which .pp file is the origin of a module.
The minimal solution to this would be to have the build system refuse to build
such a module.
To avoid problems in the short-term we need to change the policy_module lines
in iscsi.te and audioentropy.te (I've done that in my tree).
If someone is looking for something to work on then a "make check" target for
the policy which checks for a variety of silly things of this calibre would
be a good idea. Something that people who do serious policy work could run
as a nightly cron job.
--
russell at coker.com.au
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development