Package: selinux-policy-default
Version: 1:1.26-7
Severity: important
Hi,
selinux-policy-default fails to install, for three reasons:
the third one (that I couldn't fix) is reported here.
(1) python error in /usr/sbin/genhomedircon (bug #369852 in
policycoreutils)
solved by making try: except: block as described in bugfix
(2) first-time installation and /selinux is not mountable yet
because the kernel is running without selinux=1
solution:
I tricked the /etc/selinux/src makefile to set KERNVERS to 20,
with the following patch:
diff -Naur orig/etc/selinux/src/Makefile new/etc/selinux/src/Makefile
--- orig/etc/selinux/src/Makefile 2005-12-29 07:15:46.000000000 +0100
+++ new/etc/selinux/src/Makefile 2006-07-17 22:41:21.000000000 +0200
@@ -24,7 +24,7 @@
GENHOMEDIRCON = $(SBINDIR)/genhomedircon
SETFILES = $(SBINDIR)/setfiles
VERS := $(shell $(CHECKPOLICY) $(POLICYCOMPAT) -V |cut -f 1 -d ' ')
-KERNVERS := $(shell cat /selinux/policyvers)
+KERNVERS := $(shell cat /selinux/policyvers || echo 20 )
POLICYVER := policy.$(KERNVERS)
TOPDIR = $(DESTDIR)/etc/selinux
ifeq ($(MLS),y)
I think this is legit because I believe the current kernel policy version for
2.6.15 was 20 -- correct me if I'm wrong!
I didn't dare to suggest this as an official bugfix because I'm not
familiar enough with SELinux.
(3) Now i'm running into the next problem:
==================
Compiling policy ...
/usr/bin/checkpolicy: loading policy configuration from policy.conf
domains/admin.te:18:ERROR 'unknown type sysadm_iceauth_home_t' at token ';' on l
ine 10889:
#line 18
allow sysadm_mozilla_t sysadm_iceauth_home_t:file { read getattr };
/usr/bin/checkpolicy: error(s) encountered while parsing configuration
make: *** [/etc/selinux/./policy/policy.20] Fout 1
==================
I don't understand SELinux sufficiently.. so this is where it stops for
me :-)
Good luck,
Frits
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages selinux-policy-default depends on:
ii checkpolicy 1.30.3-1 SELinux policy compiler
ii libpam-modules 0.79-3.1 Pluggable Authentication Modules f
ii libselinux1 1.30-1 SELinux shared libraries
ii m4 1.4.4-1 a macro processing language
ii make 3.81-2 The GNU version of the "make" util
ii policycoreutils 1.30-2 SELinux core policy utilities
ii python 2.3.5-11 An interactive high-level object-o
selinux-policy-default recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
