Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 163666

Summary: targeted policy source does not compile
Product: [Fedora] Fedora Reporter: Jonathan S. Shapiro <shap>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-07-20 13:14:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Jonathan S. Shapiro 2005-07-20 03:33:25 UTC
Description of problem:

I have installed selinux-policy-targeted-sources-1.17.30-3.16 and
checkpolicy-1.17.5-1.2, which appear to be the latest updates.

  su -; cd /etc/selinux/targeted/policy;make policy

fails with diagnostics:

[root@deskjob policy]# make policy
/usr/bin/checkpolicy -o policy.18 policy.conf
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
domains/unconfined.te:19:ERROR 'syntax error' at token '{' on line 3897:
typealias unconfined_t alias { kernel_t init_t initrc_t logrotate_t sendmail_t
sshd_t secadm_t sysadm_t rpm_t rpm_script_t xdm_t };
typeattribute tty_device_t { tty_device_t devpts_t };
/usr/bin/checkpolicy:  error(s) encountered while parsing configuration


Expected results: ought to compile


Additional info:

This does not inspire confidence in the Fedora Q/A process...

Please let me know if you want me to attach the offending source file.

Comment 1 Daniel Walsh 2005-07-20 03:49:41 UTC
Try a make clean first.
make clean
make load


Comment 2 Jonathan S. Shapiro 2005-07-20 04:19:31 UTC
That worked. Might I suggest adding this hint to the top of the README file in
src/policy/


Comment 3 Daniel Walsh 2005-07-20 13:14:16 UTC
I am not sure why this happened.  It only seems to effect people that edited
policy sources.  It was caused because a "constant" changed into an "attribute"
in policy terms.  Why it did not do a full rebuild I do not know.  I am forcing
a full rebuild on all new policy updates.  So this should not happen again. 

Comment 4 Jonathan S. Shapiro 2005-07-20 14:18:25 UTC
Just to add to the puzzle: I had not edited the policy sources in any way at all.