Hide Forgot
Description of problem: Updating : selinux-policy-3.10.0-34.2.fc17.noarch 13/48 /usr/share/selinux/devel/include/system/unconfined.if: Syntax error on line 127923 $1 [type=IDENTIFIER] /usr/share/selinux/devel/include/system/unconfined.if: Syntax error on line 127929 ' [type=SQUOTE] Updating : selinux-policy-targeted-3.10.0-34.2.fc17.noarch 14/48 Version-Release number of selected component (if applicable): After update: rpm -qa | grep selinux-policy selinux-policy-targeted-3.10.0-34.2.fc17.noarch selinux-policy-3.10.0-34.2.fc17.noarch Before update: ---> Package selinux-policy.noarch 0:3.10.0-34.1.fc17 will be updated ---> Package selinux-policy-targeted.noarch 0:3.10.0-34.1.fc17 will be updated How reproducible: during update, 1xi686 box, 1xx86_64 box. Steps to Reproduce: 1. update to above versions. 2. 3. Actual results: as above, using "yum update"
Probably these? (last two interfaces in unconfined.if) interface(`unconfined_alias_domain',` refpolicywarn(`$0($1) has been deprecated.') ') interface(`unconfined_execmem_alias_program',` refpolicywarn(`$0($1) has been deprecated.') ') I think the $1 needs to be removed from both
http://git.fedorahosted.org/git/?p=selinux-policy.git;a=commitdiff;h=063e2ccb9a9feb0340da4d9be5bfbe26fb875f07 I think this might fix it
Should be fixed by policycoreutils-2.1.6-3.fc17 This is sepolgen comlaining about permissive command being in an interface. I update policycoreutils to ignore this command.