Re: Invalid context with latest SELinux update.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Erik P. Olsen wrote:

On Mon, 2005-06-20 at 15:08 -0400, Daniel J Walsh wrote:


Daniel J Walsh wrote:



Erik P. Olsen wrote:



On Mon, 2005-06-20 at 11:41 -0400, Daniel J Walsh wrote:




Erik P. Olsen wrote:





After having updated FC3 with the latest SELinux I get following error
messages during boot:

Starting udev: /etc/selinux/targeted/contexts/files/file_contexts line
287 has invalid context system_u:object_r:crypt_device_t

Starting xfs: /etc/selinux/targeted/contexts/files/file_contexts line
888 has invalid
context system_u:object_r:system_dbusd_var_run_t

I can't see any side effect from this but what does it mean and what can
I do to correct it?


SELinux installation:

libselinux-1.19.1-8.i386.rpm
libselinux-devel-1.19.1-8.i386.rpm
selinux-doc-1.14.1-1.noarch.rpm
selinux-policy-strict-1.19.10-2.noarch.rpm
selinux-policy-strict-sources-1.19.10-2.noarch.rpm
selinux-policy-targeted-1.17.30-3.9.noarch.rpm
selinux-policy-targeted-sources-1.17.30-3.9.noarch.rpm





Can you try to reload policy

cd /etc/selinux/targeted/src/policy
make reload


Yes, and here is what make told me:

[root@epo policy]# make reload
mkdir -p /etc/selinux/targeted/policy
/usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18
policy.conf
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3894:
typeattribute tty_device_t { tty_device_t devpts_t };
typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t
sendmail_t sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
/usr/bin/checkpolicy:  error(s) encountered while parsing configuration
make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
[root@epo policy]#

Obviously something is wrong, but I don't understand what it's all
about :-(





What version of checkpolicy do you have installed?

Dan


Can you cd /etc/selinux/targeted/src/policy
grep -R define.*admin_tty_type .



[root@epo policy]# grep -R define.*admin_tty_type . ./macros/program/chroot_macros.te:define(`chroot_tty_device', ` { console_device_t admin_tty_type }') [root@epo policy]#



Ok how about

grep -R define.*ttyp_device_t .


--



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux