[PATCH][gnome.if]: bad gen

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH][gnome.if]: bad gen_require type
@ 2008-09-04 15:09 Xavier Toth
  2008-09-04 16:07 ` Christopher J. PeBenito
  2008-09-04 17:27 ` Daniel J Walsh
  0 siblings, 2 replies; 5+ messages in thread
From: Xavier Toth @ 2008-09-04 15:09 UTC (permalink / raw)
  To: SELinux Mailing List

When I attempted to use this interface I got the follow error:
/usr/bin/checkmodule:  loading policy configuration from tmp/ml-launch.tmp
ml-launch.te":72:ERROR 'unknown type user_gconf_tmp_t' at token ';' on
line 5970:
	allow ml_launch_t user_gconf_tmp_t:dir { getattr search };

--- serefpolicy-3.5.4/policy/modules/apps/gnome.if	2008-08-28
17:36:53.000000000 -0500
+++ serefpolicy-3.5.4.new/policy/modules/apps/gnome.if	2008-08-28
17:35:59.000000000 -0500
@@ -125,7 +125,7 @@
 #
 template(`gnome_stream_connect_gconf_template',`
 	gen_require(`
-		type $1_gconfd_t, gconf_tmp_t;
+		type $1_gconfd_t, $1_gconf_tmp_t;
 	')

 	read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH][gnome.if]: bad gen_require type
  2008-09-04 15:09 [PATCH][gnome.if]: bad gen_require type Xavier Toth
@ 2008-09-04 16:07 ` Christopher J. PeBenito
  2008-09-04 17:27 ` Daniel J Walsh
  1 sibling, 0 replies; 5+ messages in thread
From: Christopher J. PeBenito @ 2008-09-04 16:07 UTC (permalink / raw)
  To: Xavier Toth; +Cc: SELinux Mailing List

On Thu, 2008-09-04 at 10:09 -0500, Xavier Toth wrote:
> When I attempted to use this interface I got the follow error:
> /usr/bin/checkmodule:  loading policy configuration from tmp/ml-launch.tmp
> ml-launch.te":72:ERROR 'unknown type user_gconf_tmp_t' at token ';' on
> line 5970:
> 	allow ml_launch_t user_gconf_tmp_t:dir { getattr search };

I couldn't find a revision in refpolicy that has this bug.  Also, this
would have been better posted to the refpolicy mail list.

> --- serefpolicy-3.5.4/policy/modules/apps/gnome.if	2008-08-28
> 17:36:53.000000000 -0500
> +++ serefpolicy-3.5.4.new/policy/modules/apps/gnome.if	2008-08-28
> 17:35:59.000000000 -0500
> @@ -125,7 +125,7 @@
>  #
>  template(`gnome_stream_connect_gconf_template',`
>  	gen_require(`
> -		type $1_gconfd_t, gconf_tmp_t;
> +		type $1_gconfd_t, $1_gconf_tmp_t;
>  	')
> 
>  	read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH][gnome.if]: bad gen_require type
  2008-09-04 15:09 [PATCH][gnome.if]: bad gen_require type Xavier Toth
  2008-09-04 16:07 ` Christopher J. PeBenito
@ 2008-09-04 17:27 ` Daniel J Walsh
  2008-09-04 18:29   ` Xavier Toth
  1 sibling, 1 reply; 5+ messages in thread
From: Daniel J Walsh @ 2008-09-04 17:27 UTC (permalink / raw)
  To: Xavier Toth; +Cc: SELinux Mailing List

Xavier Toth wrote:
> When I attempted to use this interface I got the follow error:
> /usr/bin/checkmodule:  loading policy configuration from tmp/ml-launch.tmp
> ml-launch.te":72:ERROR 'unknown type user_gconf_tmp_t' at token ';' on
> line 5970:
> 	allow ml_launch_t user_gconf_tmp_t:dir { getattr search };
> 
> --- serefpolicy-3.5.4/policy/modules/apps/gnome.if	2008-08-28
> 17:36:53.000000000 -0500
> +++ serefpolicy-3.5.4.new/policy/modules/apps/gnome.if	2008-08-28
> 17:35:59.000000000 -0500
> @@ -125,7 +125,7 @@
>  #
>  template(`gnome_stream_connect_gconf_template',`
>  	gen_require(`
> -		type $1_gconfd_t, gconf_tmp_t;
> +		type $1_gconfd_t, $1_gconf_tmp_t;
>  	')
> 
>  	read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)
> 
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.

In Rawhide it should be, since we don't types based on role.

 #
 template(`gnome_stream_connect_gconf_template',`
 	gen_require(`
		type $1_gconfd_t, gconf_tmp_t;
 	')
>
 	read_files_pattern($2, gconf_tmp_t, gconf_tmp_t)

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH][gnome.if]: bad gen_require type
  2008-09-04 17:27 ` Daniel J Walsh
@ 2008-09-04 18:29   ` Xavier Toth
  2008-09-04 18:53     ` Daniel J Walsh
  0 siblings, 1 reply; 5+ messages in thread
From: Xavier Toth @ 2008-09-04 18:29 UTC (permalink / raw)
  To: Daniel J Walsh; +Cc: SELinux Mailing List

On Thu, Sep 4, 2008 at 12:27 PM, Daniel J Walsh <dwalsh@redhat.com> wrote:
> Xavier Toth wrote:
>> When I attempted to use this interface I got the follow error:
>> /usr/bin/checkmodule:  loading policy configuration from tmp/ml-launch.tmp
>> ml-launch.te":72:ERROR 'unknown type user_gconf_tmp_t' at token ';' on
>> line 5970:
>>       allow ml_launch_t user_gconf_tmp_t:dir { getattr search };
>>
>> --- serefpolicy-3.5.4/policy/modules/apps/gnome.if    2008-08-28
>> 17:36:53.000000000 -0500
>> +++ serefpolicy-3.5.4.new/policy/modules/apps/gnome.if        2008-08-28
>> 17:35:59.000000000 -0500
>> @@ -125,7 +125,7 @@
>>  #
>>  template(`gnome_stream_connect_gconf_template',`
>>       gen_require(`
>> -             type $1_gconfd_t, gconf_tmp_t;
>> +             type $1_gconfd_t, $1_gconf_tmp_t;
>>       ')
>>
>>       read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)
>>
>> --
>> This message was distributed to subscribers of the selinux mailing list.
>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>> the words "unsubscribe selinux" without quotes as the message.
>
> In Rawhide it should be, since we don't types based on role.
>
>  #
>  template(`gnome_stream_connect_gconf_template',`
>        gen_require(`
>                type $1_gconfd_t, gconf_tmp_t;
>        ')
>>
>        read_files_pattern($2, gconf_tmp_t, gconf_tmp_t)
>

I just got 3.5.6 from koji and which contains:

template(`gnome_stream_connect_gconf_template',`
        gen_require(`
                type $1_gconfd_t, gconf_tmp_t;
        ')

        read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)
        allow $2 $1_gconfd_t:unix_stream_socket connectto;
')

and not what your email indicated it should be for the read_files_pattern.

Ted

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH][gnome.if]: bad gen_require type
  2008-09-04 18:29   ` Xavier Toth
@ 2008-09-04 18:53     ` Daniel J Walsh
  0 siblings, 0 replies; 5+ messages in thread
From: Daniel J Walsh @ 2008-09-04 18:53 UTC (permalink / raw)
  To: Xavier Toth; +Cc: SELinux Mailing List

Xavier Toth wrote:
> On Thu, Sep 4, 2008 at 12:27 PM, Daniel J Walsh <dwalsh@redhat.com> wrote:
>> Xavier Toth wrote:
>>> When I attempted to use this interface I got the follow error:
>>> /usr/bin/checkmodule:  loading policy configuration from tmp/ml-launch.tmp
>>> ml-launch.te":72:ERROR 'unknown type user_gconf_tmp_t' at token ';' on
>>> line 5970:
>>>       allow ml_launch_t user_gconf_tmp_t:dir { getattr search };
>>>
>>> --- serefpolicy-3.5.4/policy/modules/apps/gnome.if    2008-08-28
>>> 17:36:53.000000000 -0500
>>> +++ serefpolicy-3.5.4.new/policy/modules/apps/gnome.if        2008-08-28
>>> 17:35:59.000000000 -0500
>>> @@ -125,7 +125,7 @@
>>>  #
>>>  template(`gnome_stream_connect_gconf_template',`
>>>       gen_require(`
>>> -             type $1_gconfd_t, gconf_tmp_t;
>>> +             type $1_gconfd_t, $1_gconf_tmp_t;
>>>       ')
>>>
>>>       read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)
>>>
>>> --
>>> This message was distributed to subscribers of the selinux mailing list.
>>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>>> the words "unsubscribe selinux" without quotes as the message.
>> In Rawhide it should be, since we don't types based on role.
>>
>>  #
>>  template(`gnome_stream_connect_gconf_template',`
>>        gen_require(`
>>                type $1_gconfd_t, gconf_tmp_t;
>>        ')
>>        read_files_pattern($2, gconf_tmp_t, gconf_tmp_t)
>>
> 
> I just got 3.5.6 from koji and which contains:
> 
> template(`gnome_stream_connect_gconf_template',`
>         gen_require(`
>                 type $1_gconfd_t, gconf_tmp_t;
>         ')
> 
>         read_files_pattern($2, $1_gconf_tmp_t, $1_gconf_tmp_t)
>         allow $2 $1_gconfd_t:unix_stream_socket connectto;
> ')
> 
> and not what your email indicated it should be for the read_files_pattern.
> 
> Ted
Patience 3.5.6-2 will have tonight.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2008-09-04 18:53 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-09-04 15:09 [PATCH][gnome.if]: bad gen_require type Xavier Toth
2008-09-04 16:07 ` Christopher J. PeBenito
2008-09-04 17:27 ` Daniel J Walsh
2008-09-04 18:29   ` Xavier Toth
2008-09-04 18:53     ` Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.