On 08/18/10 11:29, Paul Moore wrote:
On Wed, 2010-08-18 at 13:24 +0000, TaurusHarry wrote:
Many many thanks for your response!
Well, after I installed SELinux header properly then I did could enter
audit-test/utils/selinux-policy/ successfully built lspp_test.pp
there, however, I run into below error messages when trying to insert
it:
[root/secadm_r/s0@qemu-host selinux-policy]# semodule -i lspp_test.pp
libsepol.expand_terule_helper: conflicting TE rule for
( lspp_test_generic_t, sepgsql_db_t:db_table): old was
user_sepgsql_table_t, new is sepgsql_table_t
libsepol.expand_module: Error during expand
libsemanage.semanage_expand_sandbox: Expand module failed
semodule: Failed!
[root/secadm_r/s0@qemu-host selinux-policy]#
Very honestly speaking I am clueless about such error message, so I
tried to compile lspp_test.pp along with refpolicy source code just to
see if such problem could simply disappear. Do you have some comments
or suggestions about it?
Hmm, it looks like perhaps there is a conflict with the sepostgres
policy?
Yep, there are conflicting type_transitions. Basically it is
complaining about these two rules:
type_transition lspp_test_generic_t sepgsql_db_t:db_table
user_sepgsql_table_t;
type_transition lspp_test_generic_t sepgsql_db_t:db_table sepgsql_table_t;
so it fails.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
