policy updated, then selinux error?
Hongwei Li
hongwei at wustl.edu
Fri Jul 8 21:40:54 UTC 2005
>> On Fri, 2005-07-08 at 14:49 -0500, Hongwei Li wrote:
>>> Hi,
>>>
>>> I just updated selinux target policy (including the source) from
>>> 1.17.30-2.96
>>> to 1.17.30-3.16 on my fc3 linux system (kernel 2.6.11-1.35_FC3), and also
>>> updated checkpolicy-1.17.5-1.2. The updating process did not show any
>>> error.
>>>
>>> Then, I reboot the system that showed a lot of error message like:
>>> invalid ... in /etc/selinux/targeted/src/policy/file_contexts/... (it went
>>> though so fast that I could not catch all the words). The system is
>>> running,
>>> then I go to /etc/selinux/targeted/src/policy and run make load and got:
>>>
>>> # make load
>>> mkdir -p /etc/selinux/targeted/policy
>>> /usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18 policy.conf
>>> /usr/bin/checkpolicy: loading policy configuration from policy.conf
>>> domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3897:
>>> typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t
>>> sendmail_t
>>> sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
>>> typeattribute tty_device_t { tty_device_t devpts_t };
>>> /usr/bin/checkpolicy: error(s) encountered while parsing configuration
>>> make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
>>>
>>> I tried touch /.autorelable and reboot, the same error.
>>>
>>> Can somebody tell what's wrong? how to fix it?
>>
>> # cd /etc/selinux/targeted/src/policy
>> # rm -f policy.conf
>> # make reload
>>
>> Paul.
>> --
>> Paul Howarth <paul at city-fan.org>
>>
>
> I got:
>
> # make reload
> mkdir -p tmp
> m4 -Imacros -s flask/security_classes ......
> ......
> mv policy.conf.tmp policy.conf
> mkdir -p /etc/selinux/targeted/policy
> /usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18 policy.conf
> /usr/bin/checkpolicy: loading policy configuration from policy.conf
> security: 3 users, 4 roles, 343 types, 30 bools
> security: 55 classes, 14894 rules
> /usr/bin/checkpolicy: policy configuration loaded
> /usr/bin/checkpolicy: writing binary representation (version 18) to
> /etc/selinux/targeted/policy/policy.18
> /usr/sbin/load_policy /etc/selinux/targeted/policy/policy.18
> unknown boolean use_syslogng
> /usr/sbin/load_policy: Warning! Error while setting booleans: Invalid
> argument
> touch tmp/load
> #
>
> What else should I do? or just leave it as is?
>
> Thanks!
>
> Hongwei
>
>
I rebooted the system, and run make load again. No error message, it seems
working normal. Thanks!
Hongwei
More information about the fedora-selinux-list
mailing list