Novice problem with apol/ policy.conf
Andrey Markelov
amarkelov at pluscom.ru
Mon Jul 30 07:51:26 UTC 2007
Thanks for clarifications!
I was confused that in fully updated RHEL-system apol can't open
default policy . At first I looked at bugzilla and did not see any bug reports.
--
Andrey Markelov,
Plus Communications
Phone: +7(495)777-0-111 ext.533
On Fri, 27 Jul 2007 19:02:35 +0000
"Christopher J. PeBenito" <cpebenito at tresys.com> wrote:
> On Fri, 2007-07-27 at 13:44 -0400, Eric Paris wrote:
> > On Fri, 2007-07-27 at 17:58 +0400, Markelov Andrey wrote:
> > > Hello,
> > > I am novice in SELinux. For policy analysis I compiled policy.conf from selinux-policy-2.4.6-30.el5.src.rpm on RHEL5.
> > > When I tried to open policy.21 with apol (GUI version 3.0
> > > libapol version 3.0.0) it was ok. But when i opened policy.conf i received the following error: The selected file does not appear to be a valid SELinux Policy. Error opening policy: Input/output error. And in console
> > > tmp/rolemap.conf:624:ERROR 'syntax error' at token 'ntfs-3g' on line 1563798:
> > > genfscon ntfs-3g / system_u:object_r:dosfs_t
> > >
> > > genfscon msdos / system_u:object_r:dosfs_t
> > >
> > > What is the possible reason?
> >
> > I'd bet on an apol bug, but I don't know. The addition of a '-' in
> > ntfs-3g caused a number of headaches. I'm adding the upstream list to
> > the cc and hopefully one of the people who work on apol will know right
> > offhand.
>
> Just like the checkpolicy/checkmodule parser, the setools parser had to
> be updated, and this happened in setools 3.0.1.
>
> --
> Chris PeBenito
> Tresys Technology, LLC
> (410) 290-1411 x150
>
--
Andrey Markelov,
Plus Communications
Phone: +7(495)777-0-111 ext.533
More information about the fedora-selinux-list
mailing list