Bug 607943
Summary: | some .te files cannot be compiled because admin interfaces contain errors | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Milos Malik <mmalik> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED DUPLICATE | QA Contact: | Milos Malik <mmalik> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | dwalsh, mgrepl |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-06-25 18:08:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Milos Malik
2010-06-25 09:19:38 UTC
If you use "certmonger_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type cermonger_var_lib_t' at token ';' on line 43538: allow confined_admin_t cermonger_var_lib_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' If you use "chronyd_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type chronyd_tmp_t' at token ';' on line 44 048: allow confined_admin_t chronyd_tmp_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' If you use "cobblerd_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type httpd_cobbler_content_rw_t' at token ';' on line 43724: allow confined_admin_t httpd_cobbler_content_rw_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' If you use "ksmtuned_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'syntax error' at token ':' on line 43298: allow ksmtumed_t :dir { getattr search open read lock ioctl }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. If you use "memcached_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type memcached_var_run_t' at token ';' on line 43466: allow confined_admin_t memcached_var_run_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' If you use "psad_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type psad_etc_t' at token ';' on line 43504: allow confined_admin_t psad_etc_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' If you use "rpcbind_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type rbcbind_initrc_exec_t' at token ';' on line 43346: allow confined_admin_t rbcbind_initrc_exec_t:file { getattr open read execute }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' *** This bug has been marked as a duplicate of bug 426941 *** *** This bug has been marked as a duplicate of bug 607912 *** If you use "shorewall_admin(confined_admin_t,confined_admin_r)" instead of "boinc_admin(confined_admin_t,confined_admin_r)" as described in comment #0 you will see following error messages: # make -f /usr/share/selinux/devel/Makefile make[1]: Entering directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' Compiling targeted confined_admin module confined_admin.te":26:ERROR 'unknown type shorewall_etc_t' at token ';' on line 43450: allow confined_admin_t shorewall_etc_t:dir { open read getattr lock search ioctl add_name remove_name write }; #line 26 /usr/bin/checkmodule: error(s) encountered while parsing configuration /usr/bin/checkmodule: loading policy configuration from tmp/confined_admin.tmp make[1]: *** [tmp/confined_admin.mod] Error 1 make[1]: Leaving directory `/mnt/testarea/tests/selinux-policy/Sanity/confined-admins-and-their-services' |