From: Johan Fischer <jfischer@cmcrc.com>
To: SELinux@tycho.nsa.gov
Subject: [refpolicy] policy not compiling
Date: Wed, 09 Nov 2005 13:05:01 +1100 [thread overview]
Message-ID: <4371594D.4010508@cmcrc.com> (raw)
Hi list,
Sorry for the trouble again....
I'm trying to install the refpolicy (tried the cvs HEAD and
refpolicy-20051019) but even with the patch applied earlier, the policy
doesn't compile....
Here's the output of make:
----------------------------
clamp:/etc/selinux/refpolicy/src/policy# make policy
cat policy/flask/security_classes policy/flask/initial_sids
policy/flask/access_vectors policy/support/loadable_module.spt
policy/support/misc_macros.spt policy/support/obj_perm_sets.spt
policy/mls policy/mcs > tmp/pre_te_files.conf
echo "define(\`per_userdomain_templates',\`" >
tmp/generated_definitions.conf
for i in apache apm bluetooth lpd; do \
echo
"ifdef(\`""$i""_per_userdomain_template',\`""$i""_per_userdomain_template("'$*'")')"
\
>> tmp/generated_definitions.conf ;\
done
echo "')" >> tmp/generated_definitions.conf
for i in apache.te apm.te bluetooth.te lpd.te; do \
echo "define(\`$i')" >> tmp/generated_definitions.conf ;\
done
support/set_tunables policy/booleans.conf >> tmp/generated_definitions.conf
m4 policy/support/loadable_module.spt policy/support/misc_macros.spt
policy/support/obj_perm_sets.spt policy/modules/services/apache.if
policy/modules/services/apm.if policy/modules/services/bluetooth.if
policy/modules/services/lpd.if | sed -e s/dollarsstar/\$\*/g >
tmp/all_interfaces.conf
cat policy/modules/services/apache.te policy/modules/services/apm.te
policy/modules/services/bluetooth.te policy/modules/services/lpd.te >
tmp/all_te_files.conf
cat policy/systemuser policy/users policy/constraints >
tmp/post_te_files.conf
grep ^attribute tmp/all_te_files.conf > tmp/all_attrs_types.conf || true
grep '^type ' tmp/all_te_files.conf >> tmp/all_attrs_types.conf
cat tmp/post_te_files.conf > tmp/all_post.conf
grep '^sid ' tmp/all_te_files.conf >> tmp/all_post.conf || true
egrep '^fs_use_(xattr|task|trans)' tmp/all_te_files.conf >>
tmp/all_post.conf || true
grep ^genfscon tmp/all_te_files.conf >> tmp/all_post.conf || true
sed -r -e /^attribute/d -e '/^type /d' -e /^genfscon/d \
-e '/^sid /d' -e '/^fs_use_(xattr|task|trans)/d' \
< tmp/all_te_files.conf > tmp/only_te_rules.conf
Creating refpolicy policy.conf
m4 -D self_contained_policy -D enable_mcs -D targeted_policy -D
distro_redhat -D direct_sysadm_daemon -D hide_broken_symptoms -s
tmp/pre_te_files.conf tmp/generated_definitions.conf
tmp/all_interfaces.conf tmp/all_attrs_types.conf policy/global_booleans
policy/global_tunables tmp/only_te_rules.conf tmp/all_post.conf >
tmp/policy.conf.tmp
sed -e /^portcon/d -e /^nodecon/d -e /^netifcon/d < tmp/policy.conf.tmp
> policy.conf
grep ^portcon tmp/policy.conf.tmp >> policy.conf || true
grep ^netifcon tmp/policy.conf.tmp >> policy.conf || true
grep ^nodecon tmp/policy.conf.tmp >> policy.conf || true
Compiling refpolicy policy.20
/usr/bin/checkpolicy -M policy.conf -o policy.20
/usr/bin/checkpolicy: loading policy configuration from policy.conf
tmp/only_te_rules.conf:28:ERROR 'syntax error' at token
'init_daemon_domain' on line 3204:
init_daemon_domain(httpd_t,httpd_exec_t)
/usr/bin/checkpolicy: error(s) encountered while parsing configuration
make: *** [policy.20] Error 1
clamp:/etc/selinux/refpolicy/src/policy#
---------------------------
FYI, I'm using a debian unstable with policycoreutils 1.26.
even if I changed the distro to debian, it doesn't help...
Thx,
Johan.
--
Johan Fischer
Capital Markets CRC Limited
Level 2, 9 Castlereagh Street, Sydney NSW 2000
Tel: +61 2 9233 7999 Direct: +61 2 9236 9150
Fax: +61 2 9236 9177 http://www.cmcrc.com
Capital Markets CRC Ltd (CMCRC) - Confidential Communication
The information contained in this e-mail is confidential. It is intended solely for the addressee. If you receive this e-mail by mistake please promptly inform us by reply e-mail and then delete the e-mail and destroy any printed copy. You must not disclose or use in any way the information in the e-mail. There is no warranty that this e-mail is error or virus free. It may be a private communication, and if so, does not represent the views of the CMCRC and its associates. If it is a private communication, care should be taken in opening it to ensure that undue offence is not given.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next reply other threads:[~2005-11-09 2:05 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-09 2:05 Johan Fischer [this message]
2005-11-09 14:39 ` [refpolicy] policy not compiling Christopher J. PeBenito
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4371594D.4010508@cmcrc.com \
--to=jfischer@cmcrc.com \
--cc=SELinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.