RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Resolve when building monolithic on RHEL7 

/usr/bin/checkpolicy -c 31 -U deny policy.conf -o policy.31
/usr/bin/checkpolicy:  loading policy configuration from policy.conf
policy/modules/roles/secadm.te:10:ERROR 'duplicate filename transition for: filename_trans generator.early auditadm_systemd_t systemd_user_runtime_t:dir' at token ';' on line 2191007:
	type_transition systemd_user_session_type systemd_user_runtime_t:dir systemd_user_runtime_unit_t "generator.early";
checkpolicy:  error(s) encountered while parsing configuration
make: *** [policy.31] Error 1

This was introduced in cc8374fd24 but becuase
they are in a template used multiple times they are getting defined
multiple times and maybe checkpolicy on RHEL7 isn't happy with that.

Signed-off-by: Dave Sugar <dsugar100@gmail.com>
This commit is contained in:
Dave Sugar 2021-05-04 17:37:32 -04:00
parent bf6cc10e16
commit d51d49eb92
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/system/systemd.if
View File

@ -81,11 +81,6 @@ template(`systemd_role_template',`
allow $1_systemd_t $3:file read_file_perms;
allow $1_systemd_t $3:lnk_file read_lnk_file_perms;
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "generator.early")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "generator.late")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "transient")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "user")
dev_read_urand($1_systemd_t)
files_search_home($1_systemd_t)

5
policy/modules/system/systemd.te
View File

@ -1524,6 +1524,11 @@ userdom_user_runtime_filetrans(systemd_user_session_type, systemd_user_runtime_t
allow systemd_user_session_type systemd_user_runtime_notify_t:sock_file create;
type_transition systemd_user_session_type systemd_user_runtime_t:sock_file systemd_user_runtime_notify_t "notify";
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "generator.early")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "generator.late")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "transient")
filetrans_pattern(systemd_user_session_type, systemd_user_runtime_t, systemd_user_runtime_unit_t, dir, "user")
allow systemd_user_session_type systemd_user_tmpfs_t:file manage_file_perms;
fs_tmpfs_filetrans(systemd_user_session_type, systemd_user_tmpfs_t, file)