Re: libsepol.expand_terule_helper: duplicate TE rule

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Well, as a matter of fact, I installed apache from source.
So, I installed apche into /usr/local/apache2.

I set /etc/selinux/config permissive and found that apache
runs in initrc_t.
But, of course I want to make it run httpd_t.

So, I tried to edit your refpolicy downloading from repository,
newest version.
I commented every

type ...
bool ...
atribute...

including .if of templates.

and set them require {}.

I succeeded make apache.pp all-right, but when I tried to install by
semodule -i apache.pp,
expand_terule_helper says it has an error.

I found exim module in services directory but could not found
anything like process system_mail_t
I could not found those in tmp/apache.mod either.

It's first time I see this error and don't know what it is.

I messed up policy apache or some kind of bug ?

I succeeded install postgresql and mysql by this method all-right.

Thanks for your quick response.


2007/12/2, Chris PeBenito <pebenito@xxxxxxxxxx>:
> On Sat, 2007-12-01 at 17:15 +0900, Shintaro Fujiwara wrote:
> > When I try to install apache.pp,
> >
> > libsepol.expand_terule_helper: duplicate TE rule for httpd_t
> > exim_exec_t:process system_mail_t
> > libsepol.expand_module: Error during expand
> > libsemanage.semanage_expand_sandbox: Expand module failed
> > semodule:  Failed!
> >
> > I can't find any lines concerning exim_exec_t anywhere...
> > Please help.
>
> Which distro policy are you using?
>
> --
> Chris PeBenito
> <pebenito@xxxxxxxxxx>
> Developer,
> Hardened Gentoo Linux
>
> Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
> Key fingerprint = B0E6 877A 883F A57A 8E6A  CB00 BC8E E42D E6AF 9243
>
>


-- 
Shintaro Fujiwara
segatex project (SELinux policy tool)
http://sourceforge.net/projects/segatex/
Home page
http://intrajp.no-ip.com/
Blog
http://intrajp.no-ip.com/nucleus/
CMS
http://intrajp.no-ip.com/xoops/
Wiki
http://intrajp.no-ip.com/pukiwiki/

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux