Bug 163666

Summary: targeted policy source does not compile
Product: [Fedora] Fedora Reporter: Jonathan S. Shapiro <shap>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-07-20 13:14:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jonathan S. Shapiro 2005-07-20 03:33:25 UTC
Description of problem:

I have installed selinux-policy-targeted-sources-1.17.30-3.16 and
checkpolicy-1.17.5-1.2, which appear to be the latest updates.

  su -; cd /etc/selinux/targeted/policy;make policy

fails with diagnostics:

[root@deskjob policy]# make policy
/usr/bin/checkpolicy -o policy.18 policy.conf
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3897:
typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t sendmail_t
sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
typeattribute tty_device_t { tty_device_t devpts_t };
/usr/bin/checkpolicy:  error(s) encountered while parsing configuration


Expected results: ought to compile


Additional info:

This does not inspire confidence in the Fedora Q/A process...

Please let me know if you want me to attach the offending source file.

Comment 1 Daniel Walsh 2005-07-20 03:49:41 UTC
Try a make clean first.
make clean
make load


Comment 2 Jonathan S. Shapiro 2005-07-20 04:19:31 UTC
That worked. Might I suggest adding this hint to the top of the README file in
src/policy/


Comment 3 Daniel Walsh 2005-07-20 13:14:16 UTC
I am not sure why this happened.  It only seems to effect people that edited
policy sources.  It was caused because a "constant" changed into an "attribute"
in policy terms.  Why it did not do a full rebuild I do not know.  I am forcing
a full rebuild on all new policy updates.  So this should not happen again. 

Comment 4 Jonathan S. Shapiro 2005-07-20 14:18:25 UTC
Just to add to the puzzle: I had not edited the policy sources in any way at all.