Package: checkpolicy Version: 2.7-1 Severity: normal Tags: upstream patch https://marc.info/?l=selinux&m=152078548332657&w=2
The above URL has patches to make checkpolicy etc support sctp. The latest git refpolicy has sctp and needs those patches to compile. Below are the compilation errors you get with the current checkpolicy: /usr/bin/checkmodule: loading policy configuration from base.conf policy/modules/admin/usermanage.te:2957:ERROR 'unrecognized protocol sctp' at token 'portcon' on line 554176: portcon sctp 512-1023 system_u:object_r:hi_reserved_port_t:s0 portcon sctp 1024-65535 system_u:object_r:unreserved_port_t:s0 /usr/bin/checkmodule: error(s) encountered while parsing configuration Rules.modular:102: recipe for target 'tmp/base.mod' failed make[2]: *** [tmp/base.mod] Error 1 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: SELinux: enabled - Mode: Enforcing - Policy name: default Versions of packages checkpolicy depends on: ii libc6 2.27-3 checkpolicy recommends no packages. checkpolicy suggests no packages. -- no debconf information _______________________________________________ SELinux-devel mailing list SELinux-devel@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/selinux-devel
