Re: Problem install Reference Policy

All of lore.kernel.org
 help / color / mirror / Atom feed

* Re: Problem install Reference Policy
@ 2009-09-07  2:10 zheyeung
  2009-09-07  4:14 ` Justin P. Mattock
  0 siblings, 1 reply; 6+ messages in thread
From: zheyeung @ 2009-09-07  2:10 UTC (permalink / raw)
  To: waqar afridi; +Cc: selinux

[-- Attachment #1: Type: text/plain, Size: 1322 bytes --]

hello waqar, I used to get this problem.after then, i edit file build.conf in some way  ,then make . make successfully!
but I've got another problem . after i install the policy (by editting /etc/ selinux/config ,reboot)  ,my graphic user interface failed to start up.and i don't kown why. 

I run "semanage login -l" ,found "login" of root is root: sysadm_r.but default targeted in Fedora-11. root 's "login" is "unconfined_u: unconfined_r".


2009-09-07 



zheyeung 



发件人： waqar afridi 
发送时间： 2009-09-05  15:44:44 
收件人： selinux 
抄送： 
主题： Problem install Reference Policy 
 
Hello Every One,

I am new to selinux, I am using Ubuntu and i am trying to install reference Policy on it, after running command make load, I get this error,
I dont know whats wrong

/usr/bin/checkpolicy policy.conf -o /etc/selinux/refpolicy/policy/policy.23
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
policy/modules/services/ifplugd.te":67:ERROR 'type netutils_exec_t is not within scope' at token ';' on line 362418:
    allow ifplugd_t netutils_exec_t:file { getattr open read execute };
#line 67
checkpolicy:  error(s) encountered while parsing configuration
make: *** [/etc/selinux/refpolicy/policy/policy.23] Error 1


-- 
Waqar Afridi

[-- Attachment #2: Type: text/html, Size: 4043 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Problem install Reference Policy
  2009-09-07  2:10 Problem install Reference Policy zheyeung
@ 2009-09-07  4:14 ` Justin P. Mattock
  2009-09-07  6:53   ` waqar afridi
  0 siblings, 1 reply; 6+ messages in thread
From: Justin P. Mattock @ 2009-09-07  4:14 UTC (permalink / raw)
  To: zheyeung; +Cc: waqar afridi, selinux

zheyeung wrote:
> hello waqar, I used to get this problem.after then, i edit file 
> build.conf in some way  ,then make . make successfully!
> but I've got another problem . after i install the policy (by editting 
> /etc/ selinux/config ,reboot)  ,my graphic user interface failed to 
> start up.and i don't kown why.
> I run "semanage login -l" ,found "login" of root is root: sysadm_r.but 
> default targeted in Fedora-11. root 's "login" is "unconfined_u: 
> unconfined_r".

you might try  make clean, make enableaudit, make policy
this will generate some more avc's that you might need
to allow to startx.
> 2009-09-07
> ------------------------------------------------------------------------
> zheyeung
> ------------------------------------------------------------------------
> *发件人：* waqar afridi
> *发送时间：* 2009-09-05  15:44:44
> *收件人：* selinux
> *抄送：*
> *主题：* Problem install Reference Policy
> Hello Every One,
>
> I am new to selinux, I am using Ubuntu and i am trying to install 
> reference Policy on it, after running command make load, I get this error,
> I dont know whats wrong
>
> /usr/bin/checkpolicy policy.conf -o 
> /etc/selinux/refpolicy/policy/policy.23
> /usr/bin/checkpolicy:  loading policy configuration from policy.conf
> policy/modules/services/ifplugd.te":67:ERROR 'type netutils_exec_t is 
> not within scope' at token ';' on line 362418:
>     allow ifplugd_t netutils_exec_t:file { getattr open read execute };
> #line 67
> checkpolicy:  error(s) encountered while parsing configuration
> make: *** [/etc/selinux/refpolicy/policy/policy.23] Error 1
>
>
> -- 
> Waqar Afridi

Justin P. Mattock

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Problem install Reference Policy
  2009-09-07  4:14 ` Justin P. Mattock
@ 2009-09-07  6:53   ` waqar afridi
  2009-09-07  7:55     ` Justin P. Mattock
  2009-09-07 14:17     ` Dennis Wronka
  0 siblings, 2 replies; 6+ messages in thread
From: waqar afridi @ 2009-09-07  6:53 UTC (permalink / raw)
  To: zheyeung, selinux

[-- Attachment #1: Type: text/plain, Size: 2304 bytes --]

*Thanx zheyeung*, But If I do leave the original *Build.conf* I get the
following error

/usr/bin/checkpolicy policy.conf -o /etc/selinux/refpolicy/policy/policy.23
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
make: *** [/etc/selinux/refpolicy/policy/policy.23] Killed

 Is it due to less memory or some thing else, I also turned off some
unwanted modules from *modules.conf*, but didnt help, What should I do?

On Mon, Sep 7, 2009 at 10:14 AM, Justin P. Mattock
<justinmattock@gmail.com>wrote:

> zheyeung wrote:
>
>> hello waqar, I used to get this problem.after then, i edit file build.conf
>> in some way  ,then make . make successfully!
>> but I've got another problem . after i install the policy (by editting
>> /etc/ selinux/config ,reboot)  ,my graphic user interface failed to start
>> up.and i don't kown why.
>> I run "semanage login -l" ,found "login" of root is root: sysadm_r.but
>> default targeted in Fedora-11. root 's "login" is "unconfined_u:
>> unconfined_r".
>>
>
> you might try  make clean, make enableaudit, make policy
> this will generate some more avc's that you might need
> to allow to startx.
>
>  2009-09-07
>> ------------------------------------------------------------------------
>> zheyeung
>> ------------------------------------------------------------------------
>> *发件人：* waqar afridi
>> *发送时间：* 2009-09-05  15:44:44
>> *收件人：* selinux
>> *抄送：*
>> *主题：* Problem install Reference Policy
>> Hello Every One,
>>
>> I am new to selinux, I am using Ubuntu and i am trying to install
>> reference Policy on it, after running command make load, I get this error,
>> I dont know whats wrong
>>
>> /usr/bin/checkpolicy policy.conf -o
>> /etc/selinux/refpolicy/policy/policy.23
>> /usr/bin/checkpolicy:  loading policy configuration from policy.conf
>> policy/modules/services/ifplugd.te":67:ERROR 'type netutils_exec_t is not
>> within scope' at token ';' on line 362418:
>>    allow ifplugd_t netutils_exec_t:file { getattr open read execute };
>> #line 67
>> checkpolicy:  error(s) encountered while parsing configuration
>> make: *** [/etc/selinux/refpolicy/policy/policy.23] Error 1
>>
>>
>> --
>> Waqar Afridi
>>
>
> Justin P. Mattock
>



-- 
Waqar Afridi

[-- Attachment #2: Type: text/html, Size: 3131 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Problem install Reference Policy
  2009-09-07  6:53   ` waqar afridi
@ 2009-09-07  7:55     ` Justin P. Mattock
  2009-09-07 14:17     ` Dennis Wronka
  1 sibling, 0 replies; 6+ messages in thread
From: Justin P. Mattock @ 2009-09-07  7:55 UTC (permalink / raw)
  To: waqar afridi; +Cc: zheyeung, selinux

waqar afridi wrote:
> *Thanx zheyeung*, But If I do leave the original *Build.conf* I get
> the following error
>
> /usr/bin/checkpolicy policy.conf -o
> /etc/selinux/refpolicy/policy/policy.23
> /usr/bin/checkpolicy: loading policy configuration from policy.conf
> make: *** [/etc/selinux/refpolicy/policy/policy.23] Killed
>
> Is it due to less memory or some thing else, I also turned off some
> unwanted modules from *modules.conf*, but didnt help, What should I do?
>
>
Not sure, I was receiving an error
from checkpolicy, but I think I'm missing
a dependency.(keep in mind this is a custom clfs
system).
In your case if your using a distro
checkpolicy should be functioning properly.

have you tried a fresh git pull of the refpolicy
and compiled it with vary little changes to the policy?

Justin P. Mattock

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Problem install Reference Policy
  2009-09-07  6:53   ` waqar afridi
  2009-09-07  7:55     ` Justin P. Mattock
@ 2009-09-07 14:17     ` Dennis Wronka
  1 sibling, 0 replies; 6+ messages in thread
From: Dennis Wronka @ 2009-09-07 14:17 UTC (permalink / raw)
  To: waqar afridi; +Cc: zheyeung, selinux

[-- Attachment #1: Type: Text/Plain, Size: 2580 bytes --]

Usually turning off modules shouldn't help to free a lot of memory as they 
usually are small things that don't take up much RAM anyway.

How much RAM do you have in your PC?

> *Thanx zheyeung*, But If I do leave the original *Build.conf* I get the
> following error
>
> /usr/bin/checkpolicy policy.conf -o /etc/selinux/refpolicy/policy/policy.23
> /usr/bin/checkpolicy:  loading policy configuration from policy.conf
> make: *** [/etc/selinux/refpolicy/policy/policy.23] Killed
>
>  Is it due to less memory or some thing else, I also turned off some
> unwanted modules from *modules.conf*, but didnt help, What should I do?
>
> On Mon, Sep 7, 2009 at 10:14 AM, Justin P. Mattock
>
> <justinmattock@gmail.com>wrote:
> > zheyeung wrote:
> >> hello waqar, I used to get this problem.after then, i edit file
> >> build.conf in some way  ,then make . make successfully!
> >> but I've got another problem . after i install the policy (by editting
> >> /etc/ selinux/config ,reboot)  ,my graphic user interface failed to
> >> start up.and i don't kown why.
> >> I run "semanage login -l" ,found "login" of root is root: sysadm_r.but
> >> default targeted in Fedora-11. root 's "login" is "unconfined_u:
> >> unconfined_r".
> >
> > you might try  make clean, make enableaudit, make policy
> > this will generate some more avc's that you might need
> > to allow to startx.
> >
> >  2009-09-07
> >
> >> ------------------------------------------------------------------------
> >> zheyeung
> >> ------------------------------------------------------------------------
> >> *发件人：* waqar afridi
> >> *发送时间：* 2009-09-05  15:44:44
> >> *收件人：* selinux
> >> *抄送：*
> >> *主题：* Problem install Reference Policy
> >> Hello Every One,
> >>
> >> I am new to selinux, I am using Ubuntu and i am trying to install
> >> reference Policy on it, after running command make load, I get this
> >> error, I dont know whats wrong
> >>
> >> /usr/bin/checkpolicy policy.conf -o
> >> /etc/selinux/refpolicy/policy/policy.23
> >> /usr/bin/checkpolicy:  loading policy configuration from policy.conf
> >> policy/modules/services/ifplugd.te":67:ERROR 'type netutils_exec_t is
> >> not within scope' at token ';' on line 362418:
> >>    allow ifplugd_t netutils_exec_t:file { getattr open read execute };
> >> #line 67
> >> checkpolicy:  error(s) encountered while parsing configuration
> >> make: *** [/etc/selinux/refpolicy/policy/policy.23] Error 1
> >>
> >>
> >> --
> >> Waqar Afridi
> >
> > Justin P. Mattock

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Problem install Reference Policy
@ 2009-09-05  7:38 waqar afridi
  0 siblings, 0 replies; 6+ messages in thread
From: waqar afridi @ 2009-09-05  7:38 UTC (permalink / raw)
  To: selinux

[-- Attachment #1: Type: text/plain, Size: 669 bytes --]

Hello Every One,

I am new to selinux, I am using Ubuntu and i am trying to install reference
Policy on it, after running command make load, I get this error,
I dont know whats wrong

/usr/bin/checkpolicy policy.conf -o /etc/selinux/refpolicy/policy/policy.23
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
policy/modules/services/ifplugd.te":67:ERROR 'type netutils_exec_t is not
within scope' at token ';' on line 362418:
    allow ifplugd_t netutils_exec_t:file { getattr open read execute };
#line 67
checkpolicy:  error(s) encountered while parsing configuration
make: *** [/etc/selinux/refpolicy/policy/policy.23] Error 1


-- 
Waqar Afridi

[-- Attachment #2: Type: text/html, Size: 764 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2009-09-07 14:18 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-09-07  2:10 Problem install Reference Policy zheyeung
2009-09-07  4:14 ` Justin P. Mattock
2009-09-07  6:53   ` waqar afridi
2009-09-07  7:55     ` Justin P. Mattock
2009-09-07 14:17     ` Dennis Wronka
  -- strict thread matches above, loose matches on Subject: below --
2009-09-05  7:38 waqar afridi

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.