Bug 742239

Summary: bug? Rawhide\F17 unconfined.if: Syntax error
Product: [Fedora] Fedora Reporter: Frank Murphy <frankly3d>
Component: policycoreutilsAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: dominick.grift, dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-29 18:17:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Frank Murphy 2011-09-29 13:36:36 UTC 
Description of problem:  

Updating   : selinux-policy-3.10.0-34.2.fc17.noarch                                                                                   13/48 
/usr/share/selinux/devel/include/system/unconfined.if: Syntax error on line 127923 $1 [type=IDENTIFIER]
/usr/share/selinux/devel/include/system/unconfined.if: Syntax error on line 127929 ' [type=SQUOTE]
  Updating   : selinux-policy-targeted-3.10.0-34.2.fc17.noarch                                                                          14/48 


Version-Release number of selected component (if applicable):
After update:
rpm -qa | grep selinux-policy
selinux-policy-targeted-3.10.0-34.2.fc17.noarch
selinux-policy-3.10.0-34.2.fc17.noarch

Before update:
---> Package selinux-policy.noarch 0:3.10.0-34.1.fc17 will be updated

---> Package selinux-policy-targeted.noarch 0:3.10.0-34.1.fc17 will be updated




How reproducible: during update, 1xi686 box, 1xx86_64 box.


Steps to Reproduce:
1. update to above versions.
2.
3.
  
Actual results: as above, using "yum update"
Comment 1 Dominick Grift 2011-09-29 17:10:17 UTC 
Probably these? (last two interfaces in unconfined.if)

interface(`unconfined_alias_domain',`
	refpolicywarn(`$0($1) has been deprecated.')
')

interface(`unconfined_execmem_alias_program',`
	refpolicywarn(`$0($1) has been deprecated.')
')

I think the $1 needs to be removed from both
Comment 2 Dominick Grift 2011-09-29 17:24:37 UTC 
http://git.fedorahosted.org/git/?p=selinux-policy.git;a=commitdiff;h=063e2ccb9a9feb0340da4d9be5bfbe26fb875f07

I think this might fix it
Comment 3 Daniel Walsh 2011-09-29 18:17:09 UTC 
Should be fixed by policycoreutils-2.1.6-3.fc17

This is sepolgen comlaining about permissive command being in an interface.  I update policycoreutils to ignore this command.