I used the version from bitbucket (https://bitbucket.org/billcroberts/external-sepolicy/raw/9dbb7deb01444fe59755293ffd7bb3d5053282c2/tools/check_seapp.c) and that works fine fixing both problems. Also used the new -s option and tested okay.
Thanks Richard --- On Fri, 19/4/13, William Roberts <bill.c.robe...@gmail.com> wrote: From: William Roberts <bill.c.robe...@gmail.com> Subject: Re: checkseapp - duplicate entry query plus seg fault using -v option To: "Stephen Smalley" <s...@tycho.nsa.gov> Cc: "Richard Haines" <richard_c_hai...@btinternet.com>, "seandroid-list@tycho.nsa.gov" <seandroid-list@tycho.nsa.gov> Date: Friday, 19 April, 2013, 22:23 I have no problem with it dropping the duplicate and moving on, we could have a strict mode if we want to enforce some come of duplicate semantics. I think if we are going to tag log_info with __attribute__ we should probably do it to all the logging functions. I can author a patch tomorrow and upload it to bit bucket and Gerrit. On Sat, Apr 20, 2013 at 3:38 AM, Stephen Smalley <s...@tycho.nsa.gov> wrote: On 04/19/2013 09:20 AM, Richard Haines wrote: checkseapp works fine when consolidating entries, however if they match exactly then it exits with (using my example): Error: Duplicate line detected in file: stdout Lines 6 and 12 match! Should checkseapp just delete the duplicate entry and carry on. I think so. Bill? Also if I use the -v option checkseapp core dumps whenever it gets a duplicate entry or even when consolidating an entry. Dies in both cases with: Info: Existing entry found! Segmentation fault (core dumped) Seems to be due to invalid log_info() calls passing enum values where strings are expected. Possible patch attached, also marks log_msg to detect these kinds of mismatches. # Example seapp_contexts file: isSystemServer=true domain=system user=system domain=system_app type=system_data_file user=bluetooth domain=bluetooth type=bluetooth_data_file user=nfc domain=nfc type=nfc_data_file user=radio domain=radio type=radio_data_file user=_app domain=untrusted_app type=app_data_file levelFrom=app user=_app seinfo=platform domain=platform_app type=platform_app_data_file user=_app seinfo=shared domain=shared_app type=platform_app_data_file user=_app seinfo=media domain=media_app type=platform_app_data_file user=_app seinfo=release domain=release_app type=platform_app_data_file user=_isolated domain=isolated_app user=_app domain=untrusted_app type=app_data_file levelFrom=app Richard -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to majord...@tycho.nsa.gov with the words "unsubscribe seandroid-list" without quotes as the message. -- Respectfully, William C Roberts
