SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: There is a bug in checkmodule that is driving me nuts This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Karl MacMillan <kmacmillan_at_mentalrootkit.com> Date: Mon, 23 Jul 2007 10:25:48 -0400 Shintaro Fujiwara wrote: > Hello, > > Can I ask what policyrep is ? > Is that policy-generating project on going or wat ? > Separate branch to rework the selinux policy compiler. It includes a library for representing policies (hence the name policyrep) that is useful for policy compilation, analysis, and generation. You can view the code at: http://selinux.svn.sourceforge.net/viewvc/selinux/branches/policyrep/ Karl > Thanks. > > 2007/7/21, Karl MacMillan <kmacmill@redhat.com>: >> >> On Fri, 2007-07-20 at 16:22 -0400, Daniel J Walsh wrote: >> > The compiler is mistakenly seeing a >> > >> > gen_requires { >> > type xguest_gnome_home_t; >> > } >> > >> > As a redefinition of the type >> > >> > /usr/bin/checkmodule -M -m guest.tmp -o >> guest.mod/usr/bin/checkmodule: >> > loading policy configuration from guest.tmp >> > policy/modules/users/guest.te:4:ERROR 'duplicate declaration of >> > type/attribute' at token ';' on line 55020: >> > type xguest_gnome_home_t; >> > #line 4 >> > /usr/bin/checkmodule: error(s) encountered while parsing >> configuration >> > >> > The problem is the gen_requires happens before the declaration. >> > >> > The type is being declared in a template file. >> >> For better or discarding of requires upon hitting a declaration isn't >> like to be fixed (when the require is first). >> >> I have an alternative suggestion - remove all of the requires from the >> policy and use an sepolgen-based pre-processor to add them back in until >> the policyrep work is done. That will ease the migration and can be done >> far more easily than fixing the current compiler. >> >> Karl >> >> >> -- >> This message was distributed to subscribers of the selinux mailing list. >> If you no longer wish to subscribe, send mail to >> majordomo@tycho.nsa.gov with >> the words "unsubscribe selinux" without quotes as the message. >> > > -- > This message was distributed to subscribers of the selinux mailing list. > If you no longer wish to subscribe, send mail to > majordomo@tycho.nsa.gov with > the words "unsubscribe selinux" without quotes as the message. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Mon 23 Jul 2007 - 10:26:17 EDT This message: [ Message body ] Next message: Stephen Smalley: "Re: There is a bug in checkmodule that is driving me nuts" Previous message: Stephen Smalley: "[patch] libselinux: fix type mismatch in string_to_security_class" In reply to: Shintaro Fujiwara: "Re: There is a bug in checkmodule that is driving me nuts" Next in thread: Stephen Smalley: "Re: There is a bug in checkmodule that is driving me nuts" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom