From: harrytaurus2002@hotmail.com (TaurusHarry) Date: Wed, 18 Aug 2010 10:26:23 +0000 Subject: [refpolicy] Problem about audit-test-2090 + refpolicy-2.20091117 Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Hi SELinux exports, When I am trying to build the lspp_test.pp provided by audit-test-2090/utils/selinux-policy/lspp_test.* along with the refpolicy-20091117 source code, I copied lspp_test.* files to policy/modules/apps/ and then modified policy/modules.conf to declare "lspp_test = module", but I run into below error message: support/segenxml.py: warning: orphan XML comments at bottom of file policy/modules/apps/lspp_test.te Which will wipe out the line of declaration of "lspp_test = module" in modules.conf! How could I tackle such kind of error message? what's wrong in lspp_test.te?(attached for your reference) BTW, if I compile the lspp_test.pp within the audit-test-2090 package itself, everything is fine except some warning about "role dominance rule is deprecated", but I failed to insert it on my target with refpolicy-2.20091117 policy image taken place: [root/secadm_r/s0 at qemu-host selinux-policy]# semodule -i lspp_test.pp libsepol.expand_terule_helper: conflicting TE rule for (lspp_test_generic_t, sepgsql_db_t:db_table): old was user_sepgsql_table_t, new is sepgsql_table_t libsepol.expand_module: Error during expand libsemanage.semanage_expand_sandbox: Expand module failed semodule: Failed! [root/secadm_r/s0 at qemu-host selinux-policy]# So far I am clueless about this problem, how should I deal with it? Any comment is greatly appreciated! Thank you very much! Harry -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20100818/452a30d8/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: lspp_test.te Type: application/octet-stream Size: 8614 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100818/452a30d8/attachment.obj