commit: ee9f1937dfcafbac9c687ee2f79d33bd7b54bec2
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Mon Feb 27 21:24:02 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Mar 2 10:16:52 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ee9f1937
devices: fix Debian file contexts
When using setfiles to validate file contexts of Debian modular policy
(with DISTRO=debian and MONOLITHIC=n), it fails with:
tmp/all_mods.fc: line 527 is missing fields
tmp/all_mods.fc: line 527 is missing fields
tmp/all_mods.fc: Invalid argument
Here is the content of tmp/all_mods.fc around line 527:
# this is a static /dev dir "backup mount"
# if you want to disable udev, youll have to boot permissive and relabel!
/dev/\.static -d system_u:object_r:device_t
/dev/\.static/dev -d system_u:object_r:device_t
/dev/\.static/dev/(.*)? <<none>>
'
The quote of "you'll" has been eaten by m4 and there is a spurious quote
on the last line, which is reported by setfiles. Fix this by removing
the quote in the comment.
Here is an example of a failed build on Travis-CI:
https://travis-ci.org/fishilico/selinux-refpolicy-patched/jobs/205951446
policy/modules/kernel/devices.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 19cd9724..84219a87 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -185,7 +185,7 @@ ifdef(`distro_suse', `
ifdef(`distro_debian',`
# this is a static /dev dir "backup mount"
-# if you want to disable udev, you'll have to boot permissive and relabel!
+# if you want to disable udev, you will have to boot permissive and relabel!
/dev/\.static -d gen_context(system_u:object_r:device_t,s0)
/dev/\.static/dev -d gen_context(system_u:object_r:device_t,s0)
/dev/\.static/dev/(.*)? <<none>>
