Re: How should I run genfscon in my module?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dnia 10/29/2006 05:37 PM, Użytkownik Dawid Gajownik napisał:

Modules do not allow genfscon statements, the grammar of modules is a
 subset of the base policy grammar.


Thanks for the clarification. I'll need to modify policy-selinux SRPM then.
Ugh, I must have found some weird bug or something. Applying attached patch makes compilation fail with this message: 

Compiling targeted base module
/usr/bin/checkmodule -M base.conf -o tmp/base.mod
/usr/bin/checkmodule:  loading policy configuration from base.conf
policy/modules/services/xserver.te:740:ERROR 'syntax error' at token 'ntfs-3g' on line 1002121: 
genfscon ntfs / system_u:object_r:dosfs_t:s0
genfscon ntfs-3g / system_u:object_r:dosfs_t:s0
/usr/bin/checkmodule:  error(s) encountered while parsing configuration
make: *** [tmp/base.mod] Error 1
error: Bad exit status from /var/tmp/rpm-tmp.45484 (%install)


RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.45484 (%install)
[rpm-build@X selinux-policy-2.4.1]$
I've been modifying selinux-policy-2.4.1-3.fc6.src.rpm package. It looks like checkmodule does not like dash, because after removing this character from the patch (that means s/ntfs-3g/ntfs3g/) compilation finishes cleanly.
What now? I would like to fix bug 211767 ASAP, because users start to turn off SELinux :( 

Regards,
	Dawid

--

  ^_*

diff -Nurp serefpolicy-2.4.1.orig/policy/modules/kernel/filesystem.te serefpolicy-2.4.1/policy/modules/kernel/filesystem.te
--- serefpolicy-2.4.1.orig/policy/modules/kernel/filesystem.te	2006-10-23 22:38:42.000000000 +0200
+++ serefpolicy-2.4.1/policy/modules/kernel/filesystem.te	2006-10-29 17:51:28.000000000 +0100
@@ -150,6 +150,7 @@ allow dosfs_t fs_t:filesystem associate;
 genfscon fat / gen_context(system_u:object_r:dosfs_t,s0)
 genfscon msdos / gen_context(system_u:object_r:dosfs_t,s0)
 genfscon ntfs / gen_context(system_u:object_r:dosfs_t,s0)
+genfscon ntfs-3g / gen_context(system_u:object_r:dosfs_t,s0)
 genfscon vfat / gen_context(system_u:object_r:dosfs_t,s0)
 
 #

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux