Bug 1722622
| Summary: | ERROR 'Identifier condor_domain used as both an attribute and a type' at token 'condor_domain' | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Milos Malik <mmalik> | |
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | |
| Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 8.1 | CC: | lvrabec, mmalik, plautrba, ssekidde, zpytela | |
| Target Milestone: | rc | |||
| Target Release: | 8.1 | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1722836 (view as bug list) | Environment: | ||
| Last Closed: | 2019-11-05 22:11:47 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:3547 |
Description of problem: Version-Release number of selected component (if applicable): selinux-policy-3.14.3-8.el8.noarch selinux-policy-targeted-3.14.3-8.el8.noarch selinux-policy-devel-3.14.3-8.el8.noarch How reproducible: * always Steps to Reproduce: 1. get a RHEL-8.1 machine (targeted policy is active) 2. prepare the following TE file # cat confined_admin.te policy_module(confined_admin,1.0.0) userdom_admin_user_template(confined_admin) require { role staff_r; } role confined_admin_r; allow staff_r confined_admin_r; domain_use_interactive_fds(confined_admin_t) files_read_etc_files(confined_admin_t) miscfiles_read_localization(confined_admin_t) condor_admin(confined_admin_t,confined_admin_r) 3. compile the TE file into a policy module # make -f /usr/share/selinux/devel/Makefile Compiling targeted confined_admin module confined_admin.te:18:ERROR 'Identifier condor_domain used as both an attribute and a type' at token 'condor_domain' on line 37146: type condor_domain; #line 18 /usr/bin/checkmodule: error(s) encountered while parsing configuration make: *** [/usr/share/selinux/devel/include/Makefile:157: tmp/confined_admin.mod] Error 1 # Actual results: * error message appears * .pp file is not created Expected results: * the conflict between condor_admin attribute and type is resolved * .pp file is created