On Tue, 2006-06-20 at 13:26 +0100, Paul Howarth wrote: > Stephen Smalley wrote: > > On Tue, 2006-06-20 at 08:08 +0100, Paul Howarth wrote: > >> On Mon, 2006-06-19 at 15:34 -0500, Marc Schwartz (via MN) wrote: > >>> Thanks Paul! > >>> > >>> OK, so the building goes OK, but now when I try to install the modules, > >>> I get the following error: > >>> > >>> # /usr/sbin/semodule -i procmail.pp > >>> libsepol.class_copy_callback: procmail: Modules may not yet declare new classes. > >>> libsemanage.semanage_link_sandbox: Link packages failed > >>> /usr/sbin/semodule: Failed! > >>> > >>> > >>> This occurs with each of the 5 modules. > >>> > >>> Due to the recent change as well or is there something else that I need > >>> to do before installing the new module(s)? > >> Not sure what that is. Can you try rebuilding all of the modules? > >> > >> # rm *.pp > >> # make > >> > >> Paul. > > > > Also make sure that your selinux-policy package is fully up-to-date. > > The error message suggests that your modules are bringing in newer class > > definitions (via policy_module) that aren't defined in your base.pp, > > which means your base.pp is out of date. > > How could this happen if the modules are being built on the same system > as they are being used on? > > Paul. Good morning guys, Thanks for the assistance. Before building, I had done a 'make clean', so the *.pp files were deleted. This continues to be a problem this morning. The current versions of the RPMS that I have are: # rpm -qa | grep selinux libselinux-1.30-1.fc5 libselinux-devel-1.30-1.fc5 libselinux-python-1.30-1.fc5 selinux-policy-targeted-2.2.43-4.fc5 selinux-policy-2.2.43-4.fc5 I ran a yum update this morning and no new updates were identified. What is interesting, is if I try to remove any of the existing modules, I get this: # semodule -r myclam.pp libsemanage.semanage_direct_remove: Module myclam.pp was not found. semodule: Failed on myclam.pp! Yet, the modules are listed: # semodule -l clamav 1.0.0 myclam 0.1.2 mydcc 0.1.3 mypostfix 0.1.0 mypyzor 0.1.3 procmail 0.5.0 And, if I try to upgrade the module: # semodule -u myclam.pp libsemanage.semanage_direct_upgrade: Previous module myclam is same or newer. semodule: Failed on myclam.pp! It would suggest that the myclam.pp module is found, despite the error in the remove attempt above. Seems like something is hosed, but I don't have any intuition here. If you would like me to attach the *.pp files in an offlist e-mail so that you can review them, let me know. Thanks, Marc -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
