Hello,
here is the effect of the recent modifications introducing
portage_run_fetch():
Compliling refpolicy-13122011 sysadm.mod module
m4 -D enable_mcs -D distro_redhat -D direct_sysadm_daemon -D enable_ubac
-D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D
hide_broken_symptoms -s support/divert.m4
policy/support/file_patterns.spt policy/support/ipc_patterns.spt
policy/support/obj_perm_sets.spt policy/support/misc_patterns.spt
policy/support/misc_macros.spt policy/support/mls_mcs_macros.spt
policy/support/loadable_module.spt support/undivert.m4
tmp/generated_definitions.conf tmp/all_interfaces.conf
policy/modules/roles/sysadm.te > tmp/sysadm.tmp
/usr/bin/checkmodule -M -m tmp/sysadm.tmp -o tmp/sysadm.mod
/usr/bin/checkmodule: loading policy configuration from tmp/sysadm.tmp
policy/modules/roles/sysadm.te":258:ERROR 'syntax error' at token
'portage_run_fetch' on line 40465:
#line 258
portage_run_fetch(sysadm_t, sysadm_r)
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/sysadm.mod] Error 1
---
Compliling refpolicy-13122011 unconfined.mod module
m4 -D enable_mcs -D distro_redhat -D direct_sysadm_daemon -D enable_ubac
-D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D
hide_broken_symptoms -s support/divert.m4
policy/support/file_patterns.spt policy/support/ipc_patterns.spt
policy/support/obj_perm_sets.spt policy/support/misc_patterns.spt
policy/support/misc_macros.spt policy/support/mls_mcs_macros.spt
policy/support/loadable_module.spt support/undivert.m4
tmp/generated_definitions.conf tmp/all_interfaces.conf
policy/modules/system/unconfined.te > tmp/unconfined.tmp
/usr/bin/checkmodule -M -m tmp/unconfined.tmp -o tmp/unconfined.mod
/usr/bin/checkmodule: loading policy configuration from
tmp/unconfined.tmp
policy/modules/system/unconfined.te":152:ERROR 'syntax error' at token
'portage_run_fetch' on line 13377:
#line 152
portage_run_fetch(unconfined_t, unconfined_r)
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/unconfined.mod] Error 1
The issue is affecting git refpolicy since at least the 12th of October
2011.
Regards,
Guido
On 12/13/11 08:49, Guido Trentalancia wrote:
> Hello,
>
> here is the effect of the recent modifications introducing
> portage_run_fetch():
>
> Compliling refpolicy-13122011 sysadm.mod module
> m4 -D enable_mcs -D distro_redhat -D direct_sysadm_daemon -D enable_ubac
> -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D
> hide_broken_symptoms -s support/divert.m4
> policy/support/file_patterns.spt policy/support/ipc_patterns.spt
> policy/support/obj_perm_sets.spt policy/support/misc_patterns.spt
> policy/support/misc_macros.spt policy/support/mls_mcs_macros.spt
> policy/support/loadable_module.spt support/undivert.m4
> tmp/generated_definitions.conf tmp/all_interfaces.conf
> policy/modules/roles/sysadm.te > tmp/sysadm.tmp
> /usr/bin/checkmodule -M -m tmp/sysadm.tmp -o tmp/sysadm.mod
> /usr/bin/checkmodule: loading policy configuration from tmp/sysadm.tmp
> policy/modules/roles/sysadm.te":258:ERROR 'syntax error' at token
> 'portage_run_fetch' on line 40465:
> #line 258
> portage_run_fetch(sysadm_t, sysadm_r)
> /usr/bin/checkmodule: error(s) encountered while parsing configuration
> make: *** [tmp/sysadm.mod] Error 1
>
> ---
>
> Compliling refpolicy-13122011 unconfined.mod module
> m4 -D enable_mcs -D distro_redhat -D direct_sysadm_daemon -D enable_ubac
> -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -D
> hide_broken_symptoms -s support/divert.m4
> policy/support/file_patterns.spt policy/support/ipc_patterns.spt
> policy/support/obj_perm_sets.spt policy/support/misc_patterns.spt
> policy/support/misc_macros.spt policy/support/mls_mcs_macros.spt
> policy/support/loadable_module.spt support/undivert.m4
> tmp/generated_definitions.conf tmp/all_interfaces.conf
> policy/modules/system/unconfined.te > tmp/unconfined.tmp
> /usr/bin/checkmodule -M -m tmp/unconfined.tmp -o tmp/unconfined.mod
> /usr/bin/checkmodule: loading policy configuration from
> tmp/unconfined.tmp
> policy/modules/system/unconfined.te":152:ERROR 'syntax error' at token
> 'portage_run_fetch' on line 13377:
> #line 152
> portage_run_fetch(unconfined_t, unconfined_r)
> /usr/bin/checkmodule: error(s) encountered while parsing configuration
> make: *** [tmp/unconfined.mod] Error 1
>
> The issue is affecting git refpolicy since at least the 12th of October
> 2011.
Odd. I can't reproduce this. The interface definitely exists in the policy, so it should expand correctly.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com