Hello, I am novice in SELinux. For policy analysis I compiled policy.conf from selinux-policy-2.4.6-30.el5.src.rpm on RHEL5. When I tried to open policy.21 with apol (GUI version 3.0 libapol version 3.0.0) it was ok. But when i opened policy.conf i received the following error: The selected file does not appear to be a valid SELinux Policy. Error opening policy: Input/output error. And in console tmp/rolemap.conf:624:ERROR 'syntax error' at token 'ntfs-3g' on line 1563798: genfscon ntfs-3g / system_u:object_r:dosfs_t
genfscon msdos / system_u:object_r:dosfs_t
What is the possible reason? ____ Andrey Markelov Plus Communications Phone: +7(495)777-0-111 ext.533
On Fri, 2007-07-27 at 17:58 +0400, Markelov Andrey wrote:
Hello, I am novice in SELinux. For policy analysis I compiled policy.conf from selinux-policy-2.4.6-30.el5.src.rpm on RHEL5. When I tried to open policy.21 with apol (GUI version 3.0 libapol version 3.0.0) it was ok. But when i opened policy.conf i received the following error: The selected file does not appear to be a valid SELinux Policy. Error opening policy: Input/output error. And in console tmp/rolemap.conf:624:ERROR 'syntax error' at token 'ntfs-3g' on line 1563798: genfscon ntfs-3g / system_u:object_r:dosfs_t
genfscon msdos / system_u:object_r:dosfs_t
What is the possible reason?
I'd bet on an apol bug, but I don't know. The addition of a '-' in ntfs-3g caused a number of headaches. I'm adding the upstream list to the cc and hopefully one of the people who work on apol will know right offhand.
-Eric
On Fri, 2007-07-27 at 13:44 -0400, Eric Paris wrote:
On Fri, 2007-07-27 at 17:58 +0400, Markelov Andrey wrote:
Hello, I am novice in SELinux. For policy analysis I compiled policy.conf from selinux-policy-2.4.6-30.el5.src.rpm on RHEL5. When I tried to open policy.21 with apol (GUI version 3.0 libapol version 3.0.0) it was ok. But when i opened policy.conf i received the following error: The selected file does not appear to be a valid SELinux Policy. Error opening policy: Input/output error. And in console tmp/rolemap.conf:624:ERROR 'syntax error' at token 'ntfs-3g' on line 1563798: genfscon ntfs-3g / system_u:object_r:dosfs_t
genfscon msdos / system_u:object_r:dosfs_t
What is the possible reason?
I'd bet on an apol bug, but I don't know. The addition of a '-' in ntfs-3g caused a number of headaches. I'm adding the upstream list to the cc and hopefully one of the people who work on apol will know right offhand.
Just like the checkpolicy/checkmodule parser, the setools parser had to be updated, and this happened in setools 3.0.1.
Thanks for clarifications!
I was confused that in fully updated RHEL-system apol can't open default policy . At first I looked at bugzilla and did not see any bug reports.
selinux@lists.fedoraproject.org
-
Andrey Markelov -
Christopher J. PeBenito -
Eric Paris