From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id t6MMLq8a028534 for ; Wed, 22 Jul 2015 18:21:52 -0400 To: selinux@tycho.nsa.gov From: Dan Subject: Trouble building a .cil policy from scratch. Message-ID: <55B01776.3030308@yahoo.com> Date: Wed, 22 Jul 2015 18:21:42 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Hey guys, I've been reading the documentation of CIL language and have been practicing writing policies from scratch and have come across a problem. Here is what I have so far(which is just a simple example): (type myapp_t) (role object_r) (role staff_r) (roletype object_r myapp_t) (typeattribute domain) (typeattributetypes domain (myapp_t)) (type myapp_exec_t) (roletype object_r myapp_exec_t) (typeattribute domain) (typeattributetypes domain (myapp_exec_t)) Now I know I need other stuff to build this module completely like SID, access vectors, etc, but I'm stuck because it doesn't recognize the "typeattributetypes" statement. It just spits out the error as an unknown keyword which I don't know why I would because I'm pretty sure I used it right, but I'm still learning. Any info would be awesome. Thanks guys.