From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Tue, 02 Dec 2008 08:13:21 -0500
Subject: [refpolicy] new svn refpolicy difficuties:
In-Reply-To: <1228112352.3841.13.camel@unix>
References: <1228112352.3841.13.camel@unix>
Message-ID: <1228223603.9691.19.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sun, 2008-11-30 at 22:19 -0800, Justin P. Mattock wrote:
> With the latest refpolicy, I'm 
> able to have all of the allow rules
> during the boot process applied to the policy,
> but as soon as I add any of the allow rules
> after startx, with any role I'm denied 
> with building the policy i.g.
> 
> :ERROR 'type staff_dbusd_t is not within scope' at token ';' on line
> 2581459:
> 
> I think this has to do with my policy/users
> file.(where can I find info on setting a prefix?)

I suspect it is actually related to this:

http://marc.info/?l=selinux&m=122477138927253&w=2

What changes have you made (if any) to the policy?  Also the
policy/modules.conf and build.conf?

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150