When I used the binary file, I got this error
The selected file (monolithic sepolicy {}) does not appear to be a valid
SELinux Policy.
Error: Could not open policy
Tai
On 4/8/14, 5:12 PM, "Christopher J. PeBenito" <[email protected]> wrote:
>On 04/08/2014 04:21 PM, Stephen Smalley wrote:
>> On 04/08/2014 04:15 PM, Tai Nguyen (tainguye) wrote:
>>> I used apol 3.3.6 and when I load my sepolicy.conf, it crashes with
>>> messages
>>>
>>> external/sepolicy/genfs_contexts":9:ERROR 'invalid type trigger' at
>>>token
>>> 'genfscon' on line 11611:
>>> genfscon selinuxfs / u:object_r:selinuxfs:s0
>>> # selinuxfs booleans can be individually labeled.
>>>
>>> [1]+ Segmentation fault apol
>>
>> Works for me on Fedora with apol 3.3.7, however, I'd recommend using the
>> latest upstream version (3.3.8,
>> http://oss.tresys.com/projects/setools/wiki/download) as I believe
>> Fedora carries a number of patches to 3.3.7. Also, is there a reason
>> you ran it on the source rather than the binary policy?
>>
>> I have historically had some issues with apol myself; I tend to use the
>> command line tools (e.g. sesearch) instead.
>
>Historically, there definitely have been some weird apol bugs in the
>tcl/tk. But in this case, it looks more likely a source policy loading
>bug in SETools, so it would likely also be hit with sesearch. SETools 4
>may be dropping support for loading source policies (source policy
>loading has been a SETools maintenance problem for a long time and it
>can't load semanage customizations on a regular SELinux system).
>
>--
>Chris PeBenito
>Tresys Technology, LLC
>www.tresys.com | oss.tresys.com
