Package: selinux-policy-refpolicy-src
Version: 0.0.20061018-5
Severity: minor
Tags: patch
The supplied policy source code does not compile without modification
because of an error in "policy/modules/system/selinuxutil.te". It uses
an "allow" statement instead of the appropriate interface to permit
access to a resource which was defined in another module.
The exact output of make is:
[...]
/usr/bin/checkmodule: loading policy configuration from tmp/selinuxutil.tmp
policy/modules/system/selinuxutil.te:89:ERROR 'unknown type tmpfs_t'
at token ';' on line 3406:
allow restorecon_t tmpfs_t:chr_file { read write };
# for initial labeling of tmpfs /dev
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/selinuxutil.mod] Error 1
The bug seems to be fixed in testing/lenny, or at least the offending
line is not present any more. Even though I suspect it probably won't
be critical enough to be fixed in stable/etch I decided to submit it,
because other people having the same problem might be looking for the
patch I'm providing here.
This patch should fix the problem:
--- selinux-policy-refpolicy-src/policy/modules/system/selinuxutil.te.orig
2007-03-09 07:57:17.000000000 +0100
+++ selinux-policy-refpolicy-src/policy/modules/system/selinuxutil.te
2007-08-10 18:02:26.000000000 +0200
@@ -86,7 +86,7 @@
role system_r types restorecon_t;
# for initial labeling of tmpfs /dev
-allow restorecon_t tmpfs_t:chr_file { read write };
+fs_rw_tmpfs_chr_files(restorecon_t)
type restorecond_t;
type restorecond_exec_t;
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
