missing selinux Makefile
It could have been so beautiful…but read it and weep.
I created a shell script and after successful testing, copied it into /etc/cron.daily but strangely it never ran. It runs without problems when invoked from the command line. I checked the log files and found audit errors referencing the script.
Aha: this machine runs selinux. ls -Z showed that my script had a different selinux signature than all the other files in /etc/cron.daily — clearly the source of the problem.
A little reading divulged that I could edit the appropriate selinux config file and recompile the policy via ‘make load’. I added a line for my script in file_contexts. But then I discovered there is no selinux Makefile on my system! In fact there is no src directory under /etc/selinux/targeted.
So it appears that I’m dead in the water until I can get the selinux source files with which to recompile my policy.
checkpolicy is installed in /usr/bin. But I’m hesitant to run this tool directly, especially since I’m an selinux n00b.
A support forum post on this problem has yielded no replies at the time of this blig entry. (Hence this entry, a support plea to the blig’s many technically superior readers.)