Docker.if potential conflict

[Lukas Vrabec]

Hi,

We know about this issue, I'm working on this.

Thank you for report.

On 10/15/2015 02:06 PM, Daniel J Walsh wrote:
> Yes those should not be defined there.
>
> On 10/15/2015 06:46 AM, William wrote:
>> Hi,
>>
>> I was reading this bug:
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1262812
>>
>> And I noticed that even once updated (and making sure that selinux
>> -policy-devel doesn't provide docker.if) that I still get on a build:
>>
>> make -f /usr/share/selinux/devel/Makefile
>> /usr/share/selinux/devel/include/contrib/apache.if:277: Error:
>> duplicate definition of apache_exec(). Original definition on 131.
>> /usr/share/selinux/devel/include/kernel/kernel.if:3879: Error:
>> duplicate definition of kernel_unlabeled_domtrans(). Original
>> definition on 485.
>> /usr/share/selinux/devel/include/kernel/kernel.if:3900: Error:
>> duplicate definition of kernel_unlabeled_entry_type(). Original
>> definition on 478.
>> /usr/share/selinux/devel/include/kernel/files.if:7840: Error: duplicate
>> definition of files_write_all_pid_sockets(). Original definition on
>> 494.
>> /usr/share/selinux/devel/include/kernel/filesystem.if:4537: Error:
>> duplicate definition of fs_dontaudit_remount_tmpfs(). Original
>> definition on 464.
>> /usr/share/selinux/devel/include/kernel/devices.if:221: Error:
>> duplicate definition of dev_dontaudit_list_all_dev_nodes(). Original
>> definition on 471.
>> /usr/share/selinux/devel/include/kernel/devices.if:4499: Error:
>> duplicate definition of dev_dontaudit_mounton_sysfs(). Original
>> definition on 501.
>>
>> It looks like selinux-docker is still defining a bunch of interfaces
>> that it shouldn't. Is this the correct behaviour?
>>
>>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

-- 
Lukas Vrabec
SELinux Solutions
Red Hat, Inc.