Invalid context with latest SELinux update.

Daniel J Walsh dwalsh at redhat.com
Mon Jun 20 20:09:03 UTC 2005 

Erik P. Olsen wrote:

>On Mon, 2005-06-20 at 15:08 -0400, Daniel J Walsh wrote:
>  
>
>>Daniel J Walsh wrote:
>>
>>    
>>
>>>Erik P. Olsen wrote:
>>>
>>>      
>>>
>>>>On Mon, 2005-06-20 at 11:41 -0400, Daniel J Walsh wrote:
>>>> 
>>>>
>>>>        
>>>>
>>>>>Erik P. Olsen wrote:
>>>>>
>>>>>  
>>>>>
>>>>>          
>>>>>
>>>>>>After having updated FC3 with the latest SELinux I get following error
>>>>>>messages during boot:
>>>>>>
>>>>>>Starting udev: /etc/selinux/targeted/contexts/files/file_contexts line
>>>>>>287 has invalid context system_u:object_r:crypt_device_t
>>>>>>
>>>>>>Starting xfs: /etc/selinux/targeted/contexts/files/file_contexts line
>>>>>>888 has invalid
>>>>>>context system_u:object_r:system_dbusd_var_run_t
>>>>>>
>>>>>>I can't see any side effect from this but what does it mean and 
>>>>>>what can
>>>>>>I do to correct it?
>>>>>>
>>>>>>SELinux installation:
>>>>>>
>>>>>>libselinux-1.19.1-8.i386.rpm
>>>>>>libselinux-devel-1.19.1-8.i386.rpm
>>>>>>selinux-doc-1.14.1-1.noarch.rpm
>>>>>>selinux-policy-strict-1.19.10-2.noarch.rpm
>>>>>>selinux-policy-strict-sources-1.19.10-2.noarch.rpm
>>>>>>selinux-policy-targeted-1.17.30-3.9.noarch.rpm
>>>>>>selinux-policy-targeted-sources-1.17.30-3.9.noarch.rpm
>>>>>>
>>>>>>
>>>>>>
>>>>>>    
>>>>>>            
>>>>>>
>>>>>Can you try to reload policy
>>>>>
>>>>>cd /etc/selinux/targeted/src/policy
>>>>>make reload
>>>>>  
>>>>>          
>>>>>
>>>>Yes, and here is what make told me:
>>>>
>>>>[root at epo policy]# make reload
>>>>mkdir -p /etc/selinux/targeted/policy
>>>>/usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18
>>>>policy.conf
>>>>/usr/bin/checkpolicy:  loading policy configuration from policy.conf
>>>>domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3894:
>>>>typeattribute tty_device_t { tty_device_t devpts_t };
>>>>typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t
>>>>sendmail_t sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
>>>>/usr/bin/checkpolicy:  error(s) encountered while parsing configuration
>>>>make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
>>>>[root at epo policy]#
>>>>
>>>>Obviously something is wrong, but I don't understand what it's all
>>>>about :-(
>>>>
>>>> 
>>>>
>>>>        
>>>>
>>>What version of checkpolicy do you have installed?
>>>
>>>Dan
>>>      
>>>
>>Can you cd /etc/selinux/targeted/src/policy
>> grep -R define.*admin_tty_type .
>>    
>>
>
>[root at epo policy]# grep -R define.*admin_tty_type .
>./macros/program/chroot_macros.te:define(`chroot_tty_device', `
>{ console_device_t admin_tty_type }')
>[root at epo policy]#
>
>  
>
Ok how about

grep -R define.*ttyp_device_t .


--

More information about the fedora-list mailing list