Description of problem: When updating selinux-policy from updates-testing repo, I get an error messgae: /usr/share/selinux/devel/include/services/jetty.if: Syntax error on line 40398 jetty_cache_t [type=IDENTIFIER] Version-Release number of selected component (if applicable): selinux-policy-3.10.0-124.fc17.noarch How reproducible: I didn't try Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Should be fixed in the latest policy. # rpm -Uvh http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm
(In reply to comment #1) > Should be fixed in the latest policy. > > # rpm -Uvh > http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm > http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm Are you sure? sudo rpm -Uvh http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm Retrieving http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm Retrieving http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm Preparing... ########################################### [100%] 1:selinux-policy ########################################### [ 50%] /usr/share/selinux/devel/include/services/jetty.if: Syntax error on line 40398 jetty_cache_t [type=IDENTIFIER] 2:selinux-policy-targeted########################################### [100%]
oops, also selinux-policy-devel package is needed http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm
(In reply to comment #3) > oops, also selinux-policy-devel package is needed > > http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm Bad day today? :( :( :( sudo rpm -Uvh http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm Retrieving http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-3.10.0-125.fc17.noarch.rpm Retrieving http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-targeted-3.10.0-125.fc17.noarch.rpm Retrieving http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm Preparing... ########################################### [100%] 1:selinux-policy ########################################### [ 33%] /usr/share/selinux/devel/include/services/jetty.if: Syntax error on line 40398 jetty_cache_t [type=IDENTIFIER] 2:selinux-policy-targeted########################################### [ 67%] 3:selinux-policy-devel ########################################### [100%]
Try to run # sepolgen-ifgen
(In reply to comment #5) > Try to run > > # sepolgen-ifgen No message: backes@eule [~/Desktop]: sudo sepolgen-ifgen backes@eule [~/Desktop]:
(In reply to comment #4) > (In reply to comment #3) > > oops, also selinux-policy-devel package is needed > > > > http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm > > Bad day today? :( :( :( > .. > Preparing... ########################################### [100%] > 1:selinux-policy ########################################### [ 33%] > /usr/share/selinux/devel/include/services/jetty.if: Syntax error on line 40398 > jetty_cache_t [type=IDENTIFIER] > 2:selinux-policy-targeted########################################### [ 67%] > 3:selinux-policy-devel ########################################### [100%] Is the reason you got the error because -devel (which contains the fixed file) has installed after the policy was regenerated? I also hit this issue, but have updated -devel then rebuilt the policy with semodule with no errors.
(In reply to comment #7) > (In reply to comment #4) > > (In reply to comment #3) > > > oops, also selinux-policy-devel package is needed > > > > > > http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/125.fc17/noarch/selinux-policy-devel-3.10.0-125.fc17.noarch.rpm > > > > Bad day today? :( :( :( > > > .. > > Preparing... ########################################### [100%] > > 1:selinux-policy ########################################### [ 33%] > > /usr/share/selinux/devel/include/services/jetty.if: Syntax error on line 40398 > > jetty_cache_t [type=IDENTIFIER] > > 2:selinux-policy-targeted########################################### [ 67%] > > 3:selinux-policy-devel ########################################### [100%] > > Is the reason you got the error because -devel (which contains the fixed file) > has installed after the policy was regenerated? I don't know! In any case I updated selinux-policy-devel in a second cycle *after* having updated selinux-policy and selinux-policy-targeted (see comment #3). Additionally, I don't know why selinux-policy-devel was not automatically updated because of dependencies.
> Additionally, I don't know why selinux-policy-devel was not automatically > updated because of dependencies. sorry, my mistake, I installed directly by rpm. But at least I expect that the need for updating selinux-policy-devel too should heve been reported by rpm.
Miroslav we need to move the trigger in policycoreutils rebuild to the -devel package. %triggerin python -- selinux-policy-devel selinuxenabled && [ -f /usr/share/selinux/devel/include/build.conf ] && /usr/bin/sepolgen-ifgen 2>/dev/null exit 0 This is a policycoreutils problem.
Fixed in policycoreutils-2.1.11-14.fc17
*** Bug 825864 has been marked as a duplicate of this bug. ***
*** Bug 825969 has been marked as a duplicate of this bug. ***
*** Bug 836019 has been marked as a duplicate of this bug. ***
Created attachment 614432 [details] f17 guest, installed & updated, got selinux-policy "syntax error" Updating: selinux-policy-3.10.0-146.fc17.noarch /usr/share/selinux/devel/include/services/jetty.if: Syntax error in line 145009 jetty_cache_t [type=IDENTIFIER] Copied from screen-shot.
This message is a reminder that Fedora 17 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 17. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '17'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 17's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 17 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior to Fedora 17's end of life. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.