Poor error when loading policy module
Moray Henderson
Moray.Henderson at ict-software.org
Wed Jun 6 11:05:57 UTC 2012
> From: Daniel J Walsh [mailto:dwalsh at redhat.com]
> Sent: 04 June 2012 15:23
>
> On 06/04/2012 02:55 AM, Miroslav Grepl wrote:
> > On 05/31/2012 11:46 AM, Moray Henderson wrote:
> >> I'm updating a custom policy from CentOS 5 to CentOS 6. The module
> >> builds successfully, but fails to load:
> >>
> >> # semodule -i mypolicy.pp
> >> /etc/selinux/targeted/contexts/files/file_contexts: Invalid argument
> >> libsemanage.semanage_install_active: setfiles returned error code 1.
> >> semodule: Failed!
> >>
> >> It took me some time to work out that the error should have read:
> >>
> >> File context already exists for /var/run/passenger: mypolicy.fc line
> >> 5
> >>
> >> Now that I know there is already policy for Passenger, I can adjust
> >> mine accordingly. Any chance of getting a more helpful version of
> >> the error included in semodule?
> > There is a bug
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=822320
> >>
> >>
> >> Moray. "To err is human; to purr, feline."
> >>
> >>
> >>
> >> -- selinux mailing list selinux at lists.fedoraproject.org
> >> https://admin.fedoraproject.org/mailman/listinfo/selinux
> >
> > -- selinux mailing list selinux at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> >
> >
> Not sure this is the right bugzilla.
>
> In Fedora 17 I get
>
> semodule -i mypol.pp
> /etc/selinux/targeted/contexts/files/file_contexts: Multiple different
> specifications for /var/run/passenger(/.*)?
> (system_u:object_r:passenger_var_run_t:s0 and
> system_u:object_r:var_run_t:s0).
> /etc/selinux/targeted/contexts/files/file_contexts: Invalid argument
> libsemanage.semanage_install_active: setfiles returned error code 1.
> semodule: Failed!
Thanks Daniel, that looks like the one. Would be nice if it could display which line of the .fc file caused the problem, but if not there is enough information now to track it down. I couldn't find "file_contexts multiple different specifications" in Red Hat's bugzilla, though. There were a few for "file_contexts invalid argument", but none of them describe this issue. Do you know if that fix from Fedora 17 will get through to RHEL 6?
Moray.
“To err is human; to purr, feline.”
More information about the selinux
mailing list