Re: libsepol.expand_terule_helper: duplicate TE rule

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

2007/12/5, Daniel J Walsh <dwalsh@xxxxxxxxxx>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Shintaro Fujiwara wrote:
> > 2007/12/4, Daniel J Walsh <dwalsh@xxxxxxxxxx>:
> > Shintaro Fujiwara wrote:
> >>>> When I try to install apache.pp,
> >>>>
> >>>> libsepol.expand_terule_helper: duplicate TE rule for httpd_t
> >>>> exim_exec_t:process system_mail_t
> >>>> libsepol.expand_module: Error during expand
> >>>> libsemanage.semanage_expand_sandbox: Expand module failed
> >>>> semodule:  Failed!
> >>>>
> >>>> I can't find any lines concerning exim_exec_t anywhere...
> >>>> Please help.
> >>>>
> >>>>
> > in mta.if,
> >
> > mta_send_mail has the following
> >
> >
> >         domtrans_pattern($1, mailclient_exec_type, system_mail_t)
> >         allow system_mail_t mailclient_exec_type:file entrypoint;
> >
> >
> > And
> >
> > interface(`mta_mailclient',`
> >         gen_require(`
> >                 attribute mailclient_exec_type;
> >         ')
> >
> >         typeattribute $1 mailclient_exec_type;
> > ')
> >at
> >
> > In exim.te
> >
> > mta_mailclient(exim_exec_t)
> >
> >> Thank you, but, I commented line,
> >
> >> mta_send_mail(httpd_t)
> >
> >> and make apache.pp again but still I have an error.
> >> I'm stuck.
> >
> >
> >>
> Same error? I would check your source file to make sure mta_send_mail is
> not coming from somewhere else.

In apache.if, apache_content_template has
        #optional_policy(`
        #       mta_send_mail(httpd_$1_script_t)
        #')
So, I commented like above, and made apache.pp again, and
this time I succeeded installing apache.pp.

Thank you very much, Mr. SELinux.



> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iD8DBQFHVh0CrlYvE4MpobMRAgRiAJ9zuF7+6nNB7JWxd+88aMhl1eHEEQCeLPpo
> DY9lWAfx29hWmugTTSrDw+c=
> =P9KS
> -----END PGP SIGNATURE-----
>


-- 
Shintaro Fujiwara
segatex project (SELinux policy tool)
http://sourceforge.net/projects/segatex/
Home page
http://intrajp.no-ip.com/
Blog
http://intrajp.no-ip.com/nucleus/
CMS
http://intrajp.no-ip.com/xoops/
Wiki
http://intrajp.no-ip.com/pukiwiki/

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux