Morning,
I've been working on my first custom policies recently and have begun the compile process and am working through the various syntax errors I have made. I have come across one error that I can't decipher, and does not seem to reference the syntax in my own policy but rather the syntax in the tmp/cosapp.tmp folder that is created at compile time.
>From my policy (.te) the offending line is:
userdom_login_user_template(cos)
The error message is:
cosapp.te":61:ERROR 'syntax error' at token 'require' on line 4050:
require {
#line 61
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/cosapp.mod] Error 1
Looking at the cospp.tmp file more closely I went to line 4050
#line 61
require {
#line 61
#line 61
class context contains;
#line 61
attribute login_userdomain;
#line 61
#line 61
} # end require
As this is not my syntax I am a bit puzzled as to what is actually wrong?
A couple of thoughts that I had are:
The macro userdom_login_user_template(cos)references a new custom user 'cos_u' I have not yet added the user file_contexts file to /etc/selinux/targeted/contexts/users so could this be causing the error? If so I am surprised that the gen_user() statement the line before works.
Are there any dependencies I need to consider for this template to work, that I may not have thought about?
Then finally I jumped on the IRC channel yesterday no one was around, what time to people tend to be on it?
Thanks for the help
Jack
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20160728/5a4022a5/attachment.html
On 07/28/2016 11:02 AM, Borg-Cardona, Jack wrote:
> Morning,
>
> I've been working on my first custom policies recently and have begun the compile process and am working through the various syntax errors I have made. I have come across one error that I can't decipher, and does not seem to reference the syntax in my own policy but rather the syntax in the tmp/cosapp.tmp folder that is created at compile time.
>
Hi, Is this refpolicy or some fork (redhat maybe?) If this is a redhat
fork then you might want to ask on the fedora-selinux maillist or
#fedora-selinux or irc.freenode.org for better results
Regardless, I would probably start by narrowing this down.
cat >>mytest.te<<EOF
policy_module(mytest,1.0.0)
userdom_login_user_template(cos)
EOF
make -f /usr/share/selinux/devel/Makefile mytest.pp
Do you see the same error message?
>>From my policy (.te) the offending line is:
> userdom_login_user_template(cos)
>
> The error message is:
> cosapp.te":61:ERROR 'syntax error' at token 'require' on line 4050:
> require {
> #line 61
> /usr/bin/checkmodule: error(s) encountered while parsing configuration
> make: *** [tmp/cosapp.mod] Error 1
>
> Looking at the cospp.tmp file more closely I went to line 4050
> #line 61
> require {
> #line 61
>
> #line 61
> class context contains;
> #line 61
> attribute login_userdomain;
> #line 61
>
> #line 61
> } # end require
> As this is not my syntax I am a bit puzzled as to what is actually wrong?
> A couple of thoughts that I had are:
> The macro userdom_login_user_template(cos)references a new custom user 'cos_u' I have not yet added the user file_contexts file to /etc/selinux/targeted/contexts/users so could this be causing the error? If so I am surprised that the gen_user() statement the line before works.
> Are there any dependencies I need to consider for this template to work, that I may not have thought about?
>
> Then finally I jumped on the IRC channel yesterday no one was around, what time to people tend to be on it?
>
> Thanks for the help
> Jack
>
>
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>
--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160728/a3c3ea08/attachment-0001.bin