Aleksander Adamowski wrote:
Hi!
I have a problem with this type on Fedora 9 (upgraded from Fedora 8).
I'm trying to rebuild the policy and recompile my custom modules for
policy version 3.3, but when I try to replace the base policy I get
the error that this type is not defined:
# semodule -b /usr/share/selinux/targeted/base.pp
libsepol.context_from_record: type samba_unconfined_script_exec_t is
not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert
system_u:object_r:samba_unconfined_script_exec_t:s0 to sid
invalid context system_u:object_r:samba_unconfined_script_exec_t:s0
libsemanage.semanage_install_active: setfiles returned error code 1.
semodule: Failed!
I've removed all my custom modules; my file_contexts.local contains
only one entry that concerns stunnel:
/usr/bin/stunnel -- system_u:object_r:stunnel_exec_t:s0
I also have the unconfined.pp module unloaded (when it was Fedora 8).
But when I try to load it back on Fedora 9, I get this error:
# semodule -i /usr/share/selinux/targeted/unconfined.pp
libsepol.permission_copy_callback: Module unconfined depends on
permission forward_out in class packet, not satisfied
libsemanage.semanage_link_sandbox: Link packages failed
semodule: Failed!
Which is probably (I think) due to the old base.pp being still used
because I cannot install the new one because of this problem with
Samba script type.
Could you suggest a path for getting out of this situation?
I've figured out that indeed my unloading of unconfined.pp was causing
the problem with loading the base policy. However, copying
/usr/share/selinux/targeted/unconfined.pp manually to
/etc/selinux/targeted/modules/active/modules has allowed me to load the
new base.pp.
--
Best Regards,
Aleksander Adamowski
GG#: 274614
ICQ UIN: 19780575
http://olo.org.pl
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
