From: jack.borg-cardona@cgi.com (Borg-Cardona, Jack) Date: Thu, 28 Jul 2016 09:02:06 +0000 Subject: [refpolicy] Compile Error when using the userdom_login_user_template() macro... Message-ID: <53E0DE5B854BBC4EA982E3197A0C96D24B111CB0@SE-EX021.groupinfra.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Morning, I've been working on my first custom policies recently and have begun the compile process and am working through the various syntax errors I have made. I have come across one error that I can't decipher, and does not seem to reference the syntax in my own policy but rather the syntax in the tmp/cosapp.tmp folder that is created at compile time. >From my policy (.te) the offending line is: userdom_login_user_template(cos) The error message is: cosapp.te":61:ERROR 'syntax error' at token 'require' on line 4050: require { #line 61 /usr/bin/checkmodule: error(s) encountered while parsing configuration make: *** [tmp/cosapp.mod] Error 1 Looking at the cospp.tmp file more closely I went to line 4050 #line 61 require { #line 61 #line 61 class context contains; #line 61 attribute login_userdomain; #line 61 #line 61 } # end require As this is not my syntax I am a bit puzzled as to what is actually wrong? A couple of thoughts that I had are: The macro userdom_login_user_template(cos)references a new custom user 'cos_u' I have not yet added the user file_contexts file to /etc/selinux/targeted/contexts/users so could this be causing the error? If so I am surprised that the gen_user() statement the line before works. Are there any dependencies I need to consider for this template to work, that I may not have thought about? Then finally I jumped on the IRC channel yesterday no one was around, what time to people tend to be on it? Thanks for the help Jack -------------- next part -------------- An HTML attachment was scrubbed... URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20160728/5a4022a5/attachment.html