Poor error when loading policy module
Moray Henderson
Moray.Henderson at ict-software.org
Wed Jun 6 15:03:09 UTC 2012
> From: Daniel J Walsh [mailto:dwalsh at redhat.com]
> Sent: 06 June 2012 13:54
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 06/06/2012 07:05 AM, Moray Henderson wrote:
> >> From: Daniel J Walsh [mailto:dwalsh at redhat.com] Sent: 04 June 2012
> >> 15:23
> >>
> >> On 06/04/2012 02:55 AM, Miroslav Grepl wrote:
> >>> On 05/31/2012 11:46 AM, Moray Henderson wrote:
> >>>> I'm updating a custom policy from CentOS 5 to CentOS 6. The
> module
> >>>> builds successfully, but fails to load:
> >>>>
> >>>> # semodule -i mypolicy.pp
> >>>> /etc/selinux/targeted/contexts/files/file_contexts: Invalid
> >>>> argument
> >>>> libsemanage.semanage_install_active: setfiles returned error code
> 1.
> >>>> semodule: Failed!
> >>>>
> >>>> It took me some time to work out that the error should have read:
> >>>>
> >>>> File context already exists for /var/run/passenger: mypolicy.fc
> >>>> line
> >>>> 5
> >>>>
> >>>> Now that I know there is already policy for Passenger, I can
> adjust
> >>>> mine accordingly. Any chance of getting a more helpful version of
> >>>> the error included in semodule?
> >>> There is a bug
> >>>
> >>> https://bugzilla.redhat.com/show_bug.cgi?id=822320
> >>>>
> >>>>
> >>>> Moray. "To err is human; to purr, feline."
> >>>>
> >>>>
> >>>>
> >>>> -- selinux mailing list selinux at lists.fedoraproject.org
> >>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
> >>>
> >>> -- selinux mailing list selinux at lists.fedoraproject.org
> >>> https://admin.fedoraproject.org/mailman/listinfo/selinux
> >>>
> >>>
> >> Not sure this is the right bugzilla.
> >>
> >> In Fedora 17 I get
> >>
> >> semodule -i mypol.pp
> /etc/selinux/targeted/contexts/files/file_contexts:
> >> Multiple different specifications for /var/run/passenger(/.*)?
> >> (system_u:object_r:passenger_var_run_t:s0 and
> >> system_u:object_r:var_run_t:s0).
> >> /etc/selinux/targeted/contexts/files/file_contexts: Invalid argument
> >> libsemanage.semanage_install_active: setfiles returned error code 1.
> >> semodule: Failed!
> >
> > Thanks Daniel, that looks like the one. Would be nice if it could
> > display which line of the .fc file caused the problem, but if not
> > there is enough information now to track it down. I couldn't find
> > "file_contexts multiple different specifications" in Red Hat's
> > bugzilla, though. There were a few for "file_contexts invalid
> argument", but none of them describe this issue.
> > Do you know if that fix from Fedora 17 will get through to RHEL 6?
> >
> >
> > Moray. “To err is human; to purr, feline.”
> >
> >
> > -- selinux mailing list selinux at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
>
> The fix is in libsemanage, actually. Open a bugzilla on libsemanage
> for this and we will see if libsemanage gets on the approved package
> list.
Logged https://bugzilla.redhat.com/show_bug.cgi?id=829378. Thanks.
Moray.
“To err is human; to purr, feline.”
More information about the selinux
mailing list