From 2e2088b4010623568eb2bfd8b13a7799af66723c Mon Sep 17 00:00:00 2001 From: Nicolas Iooss Date: Mon, 27 Feb 2017 22:24:02 +0100 Subject: [PATCH] devices: fix Debian file contexts When using setfiles to validate file contexts of Debian modular policy (with DISTRO=debian and MONOLITHIC=n), it fails with: tmp/all_mods.fc: line 527 is missing fields tmp/all_mods.fc: line 527 is missing fields tmp/all_mods.fc: Invalid argument Here is the content of tmp/all_mods.fc around line 527: # this is a static /dev dir "backup mount" # if you want to disable udev, youll have to boot permissive and relabel! /dev/\.static -d system_u:object_r:device_t /dev/\.static/dev -d system_u:object_r:device_t /dev/\.static/dev/(.*)? <> ' The quote of "you'll" has been eaten by m4 and there is a spurious quote on the last line, which is reported by setfiles. Fix this by removing the quote in the comment. Here is an example of a failed build on Travis-CI: https://travis-ci.org/fishilico/selinux-refpolicy-patched/jobs/205951446 --- policy/modules/kernel/devices.fc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc index 19cd97247..84219a87e 100644 --- a/policy/modules/kernel/devices.fc +++ b/policy/modules/kernel/devices.fc @@ -185,7 +185,7 @@ ifdef(`distro_suse', ` ifdef(`distro_debian',` # this is a static /dev dir "backup mount" -# if you want to disable udev, you'll have to boot permissive and relabel! +# if you want to disable udev, you will have to boot permissive and relabel! /dev/\.static -d gen_context(system_u:object_r:device_t,s0) /dev/\.static/dev -d gen_context(system_u:object_r:device_t,s0) /dev/\.static/dev/(.*)? <>