-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/23/2012 03:28 PM, Moyer, Thomas - 0668 - MITLL wrote: > I am trying to build an SELinux policy module for a piece of software I am > writing. I used sepolgen to create an initial skeleton policy (running on > Red Hat Enterprise Linux 6). I get the following error when I try and > install the policy: > > sudo ./interface.sh Building and Loading Policy + make -f > /usr/share/selinux/devel/Makefile make: Nothing to be done for `all'. + > /usr/sbin/semodule -i interface.pp libsemanage.semanage_fc_sort: WARNING: > semanage_fc_sort: Incomplete context. libsepol.sepol_context_from_string: > malformed context "dnl" libsepol.sepol_context_from_string: could not > construct context from string libsepol.context_from_string: could not > create context structure libsepol.sepol_context_to_sid: could not convert > dnl to sid invalid context dnl libsemanage.semanage_install_active: > setfiles returned error code 1. /usr/sbin/semodule: Failed! > > Below is the interface.fc file since I think the error might be in there. > /usr/local/bin/interface--gen_context(system_u:object_r:interface_exec_t,s0) > > /usr/local/libexec/interfacegen_context(system_u:object_r:usr_t,s0) > /usr/local/libexec/interface/WebApp.jar--gen_context(system_u:object_r:httpd_sys_content_t,s0) > > /usr/local/libexec/interface/keystore--gen_context(system_u:object_r:interfaceKey_t,s0) > /usr/local/libexec/interface/ui-files(/.*)?gen_context(system_u:object_r:httpd_sys_content_t,s0) > > Not sure how to go about debugging this. > > Thanks for the help. > > -Tom > > -- Thomas Moyer, Technical Staffvoice: (781) 981-1374 Cyber Systems > Technology Groupmobile: (857) 268-0493 MIT Lincoln Laboratoryemail: > thomas.moyer@xxxxxxxxxx <mailto:thomas.moyer@xxxxxxxxxx> 244 Wood Street > Lexington, MA 02420 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCH8V4ACgkQrlYvE4MpobPDWACg5xFkTK7zVH8iGcFiJlhNhL+g gAMAmgIWUxhqjNqWPofHJPggPrA5u0mI =DjZp -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
