On Wed, 2006-11-08 at 15:31 +0000, Linda Finch wrote:
I am trying to get up to speed with SELinux however as I am also a
novice
Linux user (my OS knowledge has been with other systems) this is a very
steep learning curve! To ease the pain, I purchased the SELinux by example
book and have been trying to work through the example policy module for the
IRC daemon.
I set up a standard FC4 workstation with the required strict src policy, IRC
etc and proceeded to follow through the book however I cannot get it to
compile. When I enter the make && make install && make load command I
get
the following error:
make && make install && make load
/usr/bin/checkpolicy -o policy.21 policy.conf
/usr/bin/checkpolicy: loading policy configuration from policy.conf
domains/program/ircd.te:28:ERROR 'duplicate declaration of type/attribute'
at token ';' on line 290384:
type ircd_log_t, file_type, sysadmfile, logfile;
#line 28
checkpolicy: error(s) encountered while parsing configuration
make: *** [policy.21] Error 1
The compiler is saying that this type has already been declared. Make
certain that you did not accidentally include this line twice. It is
also possible that the strict policy that you are using already has a
policy for the ircd daemon (I don't have an FC4 system to check the
latest policy). You can grep through the policy modules to see if this
type is declared in another module - run this command in
domains/program:
grep "type ircd_log_t *.te
That should show you the file names of all the files that contain the
phrase "type ircd_log_t". If there is another policy module declaring
this type you can disable it by moving it and its corresponding .fc file
to the unused directories in domains/program and file_contexts.
I've double checked the ircd.te file, looked at the policy.conf file and
can't see anything wrong. Is this error immediately obvious to anyone
(without knowing the example in the book of course!)? If so, please help!
Apologies if there is something simple that I've not done - as I say, I'm a
novice user! I've also had a go with the reference policy example in the
book for FC5 and couldn't get that to compile either. That gives an error
with the generated_definitions.conf file. I downloaded the most uptodate
version of the refpolicy from Tresys' site but maybe there are other patches
I need? Again, this was a std FC5 install.
Can you give a more detailed error message here?
Karl