
I'm trying to create an SELinux .te file from a .pp file, but the tools on fc22 don't work. Is this a bug or should I be doing something different?

Environment: fc22

[root@fc20-64 ~]# rpm -q --whatprovides /bin/sedispol
checkpolicy-2.3-4.fc22.x86_64
[root@fc20-64 ~]# rpm -q kernel
kernel-4.2.6-201.fc22.x86_64
kernel-4.2.7-200.fc22.x86_64
kernel-4.2.8-200.fc22.x86_64

...

[root@fc20-64 ~]# grep logrotate /var/log/audit/audit.log | audit2allow -M mypol
[root@fc20-64 ~]# sedispol mypol.pp 
Reading policy...
libsepol.policydb_read: policydb magic number 0xf97cff8f does not match expected magic number 0xf97cff8c or 0xf97cff8d
sedispol:  error(s) encountered while parsing configuration
[root@fc20-64 ~]# checkmodule -b mypol.pp
checkmodule:  loading policy configuration from mypol.pp
libsepol.policydb_read: policydb magic number 0xf97cff8f does not match expected magic number 0xf97cff8c or 0xf97cff8d
checkmodule:  error(s) encountered while parsing configuration
Hugh

1 Answer


I was seeing this too recently when messing around with SELinux.

Not sure what made it go away, but I'm currently using the following to build and install policy and I'm not seeing it anymore:

# checkmodule -M -m mypol.te -o mypol.mod && semodule_package -m mypol.mod -o mypol.pp && semodule -i mypol.pp

Hope that helps. It did for me, behold! nginx no longer returns a 502 Bad Gateway! mattschlobohm.com

  • Thanks for the comment, Matt. I do have something which allows me to manually merge .te files. I'm not sure what this has to do with "502 bad Gateway". The policy binary file can't be read by checkmodule or sedispol as expected. Checking again on fc23, it's still broken. – Hugh Apr 10 '16 at 02:45
  • @Hugh Sure, no problem. The 502 HTTP status is what was making me dig into SELinux in the first place. I probably deleted the binary and regenerated it? Not sure. I know I saw this though; that's how I wound up with a tab open on this page that I found again later on. :) – Matt Schlobohm Apr 10 '16 at 03:38
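
The libsepol error in the question names three magic numbers. As an added example (not code from either poster or from libsepol), the Python below reads a file's leading magic and, when it is a module package, walks the section table to show what each section holds. The labels attached to the three values and the header layout (magic, version, section count, offsets, all little-endian 32-bit) are assumptions based on libsepol's module package format; `build_sample` produces constructed bytes, not a real policy.

```python
import struct

# The three magic values quoted in the libsepol error on this page.
# The labels are assumptions (see lead-in), not text from the page.
MAGICS = {
    0xF97CFF8C: "kernel policy (policydb)",
    0xF97CFF8D: "policy module (.mod)",
    0xF97CFF8F: "module package (.pp)",
}

def classify(data):
    """Return the label for the leading little-endian 32-bit magic."""
    if len(data) < 4:
        return "too short"
    (magic,) = struct.unpack_from("<I", data, 0)
    return MAGICS.get(magic, "unknown (0x%08x)" % magic)

def package_sections(data):
    """List (offset, label) for each section of a module package.

    Assumed header layout: magic, version, section count, then one
    offset per section, all little-endian 32-bit words.
    """
    if len(data) < 12:
        raise ValueError("truncated package header")
    magic, _version, nsec = struct.unpack_from("<3I", data, 0)
    if magic != 0xF97CFF8F:
        raise ValueError("not a module package: " + classify(data))
    if len(data) < 12 + 4 * nsec:
        raise ValueError("truncated offset table")
    offsets = struct.unpack_from("<%dI" % nsec, data, 12)
    out = []
    for off in offsets:
        if off + 4 > len(data):
            raise ValueError("section offset %d past end of file" % off)
        out.append((off, classify(data[off:])))
    return out

def build_sample():
    """Constructed sample: a package header wrapping one stub module section."""
    header = struct.pack("<4I", 0xF97CFF8F, 1, 1, 16)
    stub_module = struct.pack("<I", 0xF97CFF8D) + b"\0" * 8
    return header + stub_module

if __name__ == "__main__":
    sample = build_sample()
    print(classify(sample))
    print(package_sections(sample))
```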