Where is the Java SELinux Political Module for CentOS 7?

Question

Where is the Java SELinux Political Module for CentOS 7?

I noticed that in the target SELinux policy for CentOS 7 in

no file java.pp

/etc/selinux/targeted/modules/active/modules

Catalog. Interestingly, the original rpm selinux-policy-3.12.1-153.el7.src.rpm

from http://vault.centos.org has java.te, java.if and java.fc files, so I tried to get java.pp by copying them in a separate folder and doing:

make NAME=targeted -f /usr/share/selinux/devel/Makefile

but i get an error 74:ERROR 'unknown type java_domain'

and java.pp file.

Anyone from Java and SELinux states for CentOS 7. I noticed that my CentOS 6.5 servers have a java.pp module available.

Thanks, greenaj

+3

java linux selinux

greenaj 26 Sep 14 at 21:52

source to share

1 answer

user1823856 · Answer 1 · 2016-08-30T16:43:26+0000

I just started looking at this myself and found:

https://github.com/TresysTechnology/refpolicy-contrib

Git clone above and pay attention to java.te, java.if and java.fc

Try: make -f / usr / share / selinux / devel / Makefile java.pp

If the limit is met, load a new module with: semodule -i java.pp

I do get the syntax error / usr / bin / checkmodule on java.te, but I'm trying this on RHEL 6.7 ...

You may need to checkout a specific branch for one OS version. Good luck.

Where is the Java SELinux Political Module for CentOS 7?

More articles: