From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
 by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id t8OH2LlW011695
 for <selinux@tycho.nsa.gov>; Thu, 24 Sep 2015 13:02:21 -0400
Subject: Re: Cil Macros
To: James Carter <jwcart2@tycho.nsa.gov>, selinux@tycho.nsa.gov
References: <56037F3F.4050200@yahoo.com> <5603EAA2.2080805@tycho.nsa.gov>
From: Dan <dtdevore64@yahoo.com>
Message-ID: <56042C92.2020904@yahoo.com>
Date: Thu, 24 Sep 2015 13:02:10 -0400
MIME-Version: 1.0
In-Reply-To: <5603EAA2.2080805@tycho.nsa.gov>
Content-Type: text/plain; charset=windows-1252; format=flowed
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
 <selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>

The only thing I am confused on now is on what to put for the "ARG" 
statements. Now when it says "ARG1" am I supposed to put my mytest_t 
type there or just leave it as it says like ARG1? I took out the 
typeattributeset statement like you said and tried to build it with the 
following, but it still failed. Thanks.

(macro mytest_t_domain_auto_trans ((type ARG1))
   (call domain_trans (type ARG1))
   (allow ARG1  mytest_t (process (exec read write getattr transition)))
)



On 09/24/2015 08:20 AM, James Carter wrote:
> On 09/24/2015 12:42 AM, Dan wrote:
>> Hello everyone, I've been trying to play around with macros with the CIL
>> language and have come across some problems on how they work. I'm 
>> just trying to
>> simple create a macro that will do a type transition with a process 
>> called
>> mytest_t domain.
>>
>> Here is what I have so far:
>>
>>
>>
>>
>> (macro mytest_t_domain_auto_trans ((ARG1))
>>    (typeattributeset cil_gen_require application_domain_type)
>>    (call domain_trans (ARG1))
>>    (allow ARG1 mytest_t (process (exec read write getattr transition)))
>> )
>>
>
> You are probably getting a message saying invalid syntax.
> The macro definition needs to say what the argument is, like this:
> (macro mytest_t_domain_auto_trans ((type ARG1))
>
> We use (typeattributeset cil_gen_require SOME_TYPE) when converting pp 
> files to cil to make optional blocks work when a type is required, but 
> not used. I don't think that you need it here.
>
> I hope that helps.
>
> Jim
>
>>
>>
>> ...but when I try to run it it obviously doesn't work. If anyone has 
>> any input
>> on what I am doing wrong I'm all ears. Thanks.
>> _______________________________________________
>> Selinux mailing list
>> Selinux@tycho.nsa.gov
>> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
>> To get help, send an email containing "help" to 
>> Selinux-request@tycho.nsa.gov.
>>
>
>