Re: checkpolicy bombing on Fedora devel...

Something is causing checkpolicy to segfault. I ended up building it from the .src.rpm so it was compiled with -g and not stripped. checkpolicy-1.27.1-1, libselinux-1.26-6, updated to -devel tree as of this morning. gdb then says: (gdb) run -M -o policy.20 policy.conf Starting program: /usr/src/redhat/BUILD/checkpolicy-1.27.1/checkpolicy -M -o policy.20 policy.conf Reading symbols from shared object read from target memory...done. Loaded system supplied DSO at 0xffffe000 /usr/src/redhat/BUILD/checkpolicy-1.27.1/checkpolicy: loading policy configuration from policy.conf Program received signal SIGSEGV, Segmentation fault. parse_categories (id=0x8bbff28 "s0", levdatum=0x80a75b8, cats=0x80a00bc) at policy_parse.y:3569 3569 range_start = range_end = cdatum->value - 1; (gdb) where #0 parse_categories (id=0x8bbff28 "s0", levdatum=0x80a75b8, cats=0x80a00bc) at policy_parse.y:3569 #1 0x0804f340 in parse_security_context (c=0x80a00ac) at policy_parse.y:3850 #2 0x080534f2 in yyparse () at policy_parse.y:3925 #3 0x0804a743 in main (argc=5, argv=0xbfeecd74) at checkpolicy.c:549 This ring any bells? Have I dorked up a file ('users' most likely) during the conversion to MCS in a way that didn't flag a syntax error but causes a crash? Hints, etc accepted..

From the info above, you have an id "s0" that is a sensitivity rather