It took me ages to track down where the duplicate type declaration was
coming from - I was sure it wasn't the ircd.te file I'd created as I'd
checked it numerous times. In the end I found it was being inserted by the
append_logdir_domain macro. Everything compiles, the file system is
labelled as expected and I can move on to another problem. The IRCD daemon
it is not starting with the correct security context. Again, I've double
and treble checked the ircd.te file and I'm wondering if it is another
problem between this file and the domain_auto_trans macro. I'm starting
here anyway.
I've not had a chance to look again at FC5 but will screen dump the error
message for more information. Then I guess it will be FC6 when I've got
this cracked.....!
Thanks very much for your help so far
Linda
From: Karl MacMillan <kmacmill@xxxxxxxxxx>
To: Linda Finch <lindafinch1@xxxxxxxxxxxxx>
CC: fedora-selinux-list@xxxxxxxxxx
Subject: Re: New SELinux User
Date: Wed, 08 Nov 2006 10:47:19 -0500
On Wed, 2006-11-08 at 15:31 +0000, Linda Finch wrote:
> I am trying to get up to speed with SELinux however as I am also a
novice
> Linux user (my OS knowledge has been with other systems) this is a very
> steep learning curve! To ease the pain, I purchased the SELinux by
example
> book and have been trying to work through the example policy module for
the
> IRC daemon.
>
> I set up a standard FC4 workstation with the required strict src policy,
IRC
> etc and proceeded to follow through the book however I cannot get it to
> compile. When I enter the make && make install && make load command I
get
> the following error:
>
> make && make install && make load
> /usr/bin/checkpolicy -o policy.21 policy.conf
> /usr/bin/checkpolicy: loading policy configuration from policy.conf
> domains/program/ircd.te:28:ERROR 'duplicate declaration of
type/attribute'
> at token ';' on line 290384:
> type ircd_log_t, file_type, sysadmfile, logfile;
> #line 28
> checkpolicy: error(s) encountered while parsing configuration
> make: *** [policy.21] Error 1
>
The compiler is saying that this type has already been declared. Make
certain that you did not accidentally include this line twice. It is
also possible that the strict policy that you are using already has a
policy for the ircd daemon (I don't have an FC4 system to check the
latest policy). You can grep through the policy modules to see if this
type is declared in another module - run this command in
domains/program:
grep "type ircd_log_t *.te
That should show you the file names of all the files that contain the
phrase "type ircd_log_t". If there is another policy module declaring
this type you can disable it by moving it and its corresponding .fc file
to the unused directories in domains/program and file_contexts.
>
> I've double checked the ircd.te file, looked at the policy.conf file and
> can't see anything wrong. Is this error immediately obvious to anyone
> (without knowing the example in the book of course!)? If so, please
help!
> Apologies if there is something simple that I've not done - as I say,
I'm a
> novice user! I've also had a go with the reference policy example in
the
> book for FC5 and couldn't get that to compile either. That gives an
error
> with the generated_definitions.conf file. I downloaded the most
uptodate
> version of the refpolicy from Tresys' site but maybe there are other
patches
> I need? Again, this was a std FC5 install.
>
Can you give a more detailed error message here?
Karl
_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters!
http://www.msn.co.uk/newsletters
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
