Rudder

When rudder-webapp.pp is installed as selinux module we get an error (at least on redhat6):

semodule -i /opt/rudder/share/selinux/rudder-webapp.pp
libsepol.module_package_read_offsets: wrong magic number for module package:  expected 0xf97cff8f, got 0x75646f6d
libsemanage.parse_module_headers: Could not parse module data.

checkmodule -b  /opt/rudder/share/selinux/rudder-webapp.pp 
checkmodule:  loading policy configuration from /opt/rudder/share/selinux/rudder-webapp.pp
libsepol.policydb_read: policydb magic number 0x75646f6d does not match expected magic number 0xf97cff8c or 0xf97cff8d
checkmodule:  error(s) encountered while parsing configuration

I can create a valid pp file for selinux by creating a .te file and transform it via a selinux makefile

my rudder-webapp.te file:

policy_module(rudder-webapp, 1.0)

gen_require(`
  type httpd_t;
  type var_t;
  type http_cache_port_t;
  class tcp_socket name_connect;
  class file getattr;
')

allow httpd_t http_cache_port_t:tcp_socket name_connect;

and running the following command:

make -f /usr/share/selinux/devel/Makefile rudder-webapp.pp

This generates a rudder-webapp.pp file that i can install with semodule.

Benoit, Matthieu, Alexis, do you have any hindsight on this?