On Wed, 2007-05-09 at 16:07 -0400, Karl MacMillan wrote: > On Wed, 2007-05-09 at 14:53 -0400, Stephen Smalley wrote: > > On Wed, 2007-05-09 at 13:47 -0500, Hongwei Li wrote: > > > Hi, > > > > > > I have a fc6 linux box: kernel-2.6.20-1.2944.fc6, selinux-policy-2.4.6-62.fc6 > > > and selinux-policy-targeted-2.4.6-62.fc6, audit-1.4.2-5.fc6. > > > The system works and I was trying to add some settings to the selinux policy > > > by running audit2allow. It was okay before noon: > > > > > > # audit2allow -M local < /var/log/audit/audit.log > > > # semodule -i local.pp > > > > > > The new modules were added and it works. However, later, I can't do it again, > > > but always get error: > > > > > > # audit2allow -M local < /var/log/audit/audit.log > > > compilation failed: > > > (unknown source)::ERROR 'syntax error' at token '' on line 6: > > > > > > /usr/bin/checkmodule: error(s) encountered while parsing configuration > > > /usr/bin/checkmodule: loading policy configuration from local.te > > > > > > and the file local.te has only one line: > > > > > > module local 1.0; > > > > > > not like before. Can somebody tell what is wrong? "on line 6" of what file? > > > I reboot the system, still the same. > > > > What version of policycoreutils? > > > > The implication is that there were no avc denials > > in /var/log/audit/audit.log, and thus the generated module was empty. > > How did the old audit2allow handle this? Presumably a message saying > that there are no messages would be preferable. ./audit2allow -M local < /dev/null Generating type enforcment file: local.te ./audit2allow: No AVC messages found. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
