Invalid context with latest SELinux update.

Daniel J Walsh dwalsh at redhat.com
Mon Jun 20 19:08:03 UTC 2005 

Daniel J Walsh wrote:

> Erik P. Olsen wrote:
>
>> On Mon, 2005-06-20 at 11:41 -0400, Daniel J Walsh wrote:
>>  
>>
>>> Erik P. Olsen wrote:
>>>
>>>   
>>>
>>>> After having updated FC3 with the latest SELinux I get following error
>>>> messages during boot:
>>>>
>>>> Starting udev: /etc/selinux/targeted/contexts/files/file_contexts line
>>>> 287 has invalid context system_u:object_r:crypt_device_t
>>>>
>>>> Starting xfs: /etc/selinux/targeted/contexts/files/file_contexts line
>>>> 888 has invalid
>>>> context system_u:object_r:system_dbusd_var_run_t
>>>>
>>>> I can't see any side effect from this but what does it mean and 
>>>> what can
>>>> I do to correct it?
>>>>
>>>> SELinux installation:
>>>>
>>>> libselinux-1.19.1-8.i386.rpm
>>>> libselinux-devel-1.19.1-8.i386.rpm
>>>> selinux-doc-1.14.1-1.noarch.rpm
>>>> selinux-policy-strict-1.19.10-2.noarch.rpm
>>>> selinux-policy-strict-sources-1.19.10-2.noarch.rpm
>>>> selinux-policy-targeted-1.17.30-3.9.noarch.rpm
>>>> selinux-policy-targeted-sources-1.17.30-3.9.noarch.rpm
>>>>
>>>>
>>>>
>>>>     
>>>
>>> Can you try to reload policy
>>>
>>> cd /etc/selinux/targeted/src/policy
>>> make reload
>>>   
>>
>>
>> Yes, and here is what make told me:
>>
>> [root at epo policy]# make reload
>> mkdir -p /etc/selinux/targeted/policy
>> /usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18
>> policy.conf
>> /usr/bin/checkpolicy:  loading policy configuration from policy.conf
>> domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3894:
>> typeattribute tty_device_t { tty_device_t devpts_t };
>> typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t
>> sendmail_t sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
>> /usr/bin/checkpolicy:  error(s) encountered while parsing configuration
>> make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
>> [root at epo policy]#
>>
>> Obviously something is wrong, but I don't understand what it's all
>> about :-(
>>
>>  
>>
> What version of checkpolicy do you have installed?
>
> Dan


Can you cd /etc/selinux/targeted/src/policy
 grep -R define.*admin_tty_type .




--

More information about the fedora-list mailing list