Re: semanage 'utf8' error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Gordon,

if you wanted to load the policy module into memory, here is the command:

# semodule -i ./puppetmaster.pp

Milos

----- Original Message -----
> Hi List
> 
> 
> I am trying to install a set of selinux rule definitions, but when I
> run
> 
> # semanage -i ./puppetmaster.pp
> 
> 
> to install the rules, I get the following error message:
> 
> /usr/sbin/semanage: utf8
> 
> 
> I get exit code 1, and my module does not load.
> 
> 
> My system is RHEL 6.3 with latest updates.
> 
> 
> It is in the 'en_US.UTF-8' locale.
> 
> 
> What does this error message mean?
> 
> I have tried various LANG env var changes, but can't get the rules to
> load.
> 
> 
> This is the '.te' file which compiles successfully into the
> 'puppetmaster.pp' file:
> 
> 
> 
> 
> module puppetmaster 1.0;
> 
> require {
>         type httpd_passenger_helper_t;
>         type puppet_var_run_t;
>         type puppet_log_t;
>         type puppet_var_lib_t;
>         type user_devpts_t;
>         type httpd_t;
>         type proc_net_t;
>         type certmonger_t;
>         class file { rename setattr relabelfrom create write read
>         getattr
> relabelto open };
>         class dir { search setattr relabelfrom create write read
>         getattr
> rmdir remove_name relabelto add_name };
>         class chr_file { read write };
> }
> 
> #============= certmonger_t ==============
> #!!!! The source type 'certmonger_t' can write to a 'dir' of the
> following
> types:
> # certmonger_var_lib_t, certmonger_var_run_t, cert_t,
> dirsrv_config_t,
> var_lib_t, var_run_t, root_t
> 
> allow certmonger_t puppet_var_lib_t:dir { write search getattr
> add_name };
> #!!!! The source type 'certmonger_t' can write to a 'file' of the
> following
> types:
> # certmonger_var_lib_t, certmonger_var_run_t, cert_t,
> dirsrv_config_t,
> root_t
> 
> allow certmonger_t puppet_var_lib_t:file { write read create open
> getattr };
> 
> #============= httpd_passenger_helper_t ==============
> allow httpd_passenger_helper_t user_devpts_t:chr_file { read write };
> 
> #============= httpd_t ==============
> allow httpd_t proc_net_t:file { read getattr open };
> #!!!! The source type 'httpd_t' can write to a 'dir' of the following
> types:
> # httpd_log_t, dirsrv_config_t, httpd_tmp_t, dirsrvadmin_tmp_t,
> httpd_cache_t, httpd_tmpfs_t, httpd_squirrelmail_t, dirsrv_var_log_t,
> zarafa_var_lib_t, dirsrv_var_run_t, httpd_var_run_t,
> dirsrvadmin_config_t,
> squirrelmail_spool_t, passenger_var_run_t, httpdcontent,
> httpd_cobbler_rw_content_t, httpd_munin_rw_content_t,
> httpd_bugzilla_rw_content_t, httpd_cvs_rw_content_t,
> httpd_git_rw_content_t, httpd_sys_rw_content_t,
> httpd_sys_rw_content_t,
> httpd_nagios_rw_content_t, httpd_nutups_cgi_rw_content_t,
> httpd_apcupsd_cgi_rw_content_t, httpd_mediawiki_rw_content_t,
> httpd_squid_rw_content_t, httpd_smokeping_cgi_rw_content_t,
> httpd_prewikka_rw_content_t, httpd_dirsrvadmin_rw_content_t,
> httpd_w3c_validator_rw_content_t, httpd_awstats_rw_content_t,
> httpd_user_rw_content_t
> 
> allow httpd_t puppet_log_t:dir { write add_name setattr };
> allow httpd_t puppet_log_t:file { write relabelfrom create relabelto
> };
> allow httpd_t puppet_var_lib_t:dir { setattr relabelfrom create write
> read
> rmdir relabelto remove_name add_name };
> allow httpd_t puppet_var_lib_t:file { write rename create setattr };
> allow httpd_t puppet_var_run_t:dir { search getattr };
> 
> 
> 
> thanks,
> Gordon
> 
> 
> --
> Gordon Grant
> 
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux



[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux