"invalid security context" in custom policy
Tracy Reed
treed at ultraviolet.org
Tue Apr 28 22:48:05 UTC 2015
On Tue, Apr 28, 2015 at 12:11:05PM PDT, Tracy Reed spake thusly:
> libsepol.context_from_record: invalid security context: "myapp_u:myapp_r:myapp_api_t:s0"
Solved: When declaring your own file contexts use object_r for the role instead
of a user role in your .fc file.
Still having an issue with this one though:
> And while I'm posting I may as well ask: When I uncomment the
> logging_log_file(mypp_logs_t) type attribute above I get this error:
>
> Compiling targeted myapp module
> /usr/bin/checkmodule: loading policy configuration from tmp/myapp.tmp
> myapp.te":42:ERROR 'unknown class filesystem used in rule' at token ';' on line 1301:
> allow myapp_logs_t tmp_t:filesystem associate;
> #line 42
> /usr/bin/checkmodule: error(s) encountered while parsing configuration
> make: *** [tmp/myapp.mod] Error 1
>
>
> All tips are greatly appreciated!
>
> --
> Tracy Reed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20150428/d5dba188/attachment.sig>
More information about the selinux
mailing list