[DSE-Dev] Bug#895988: checkpolicy: needs support for sctp
Russell Coker
russell at coker.com.au
Wed Apr 18 11:36:26 BST 2018
Package: checkpolicy
Version: 2.7-1
Severity: normal
Tags: upstream patch
https://marc.info/?l=selinux&m=152078548332657&w=2
The above URL has patches to make checkpolicy etc support sctp. The latest
git refpolicy has sctp and needs those patches to compile.
Below are the compilation errors you get with the current checkpolicy:
/usr/bin/checkmodule: loading policy configuration from base.conf
policy/modules/admin/usermanage.te:2957:ERROR 'unrecognized protocol sctp' at token 'portcon' on line 554176:
portcon sctp 512-1023 system_u:object_r:hi_reserved_port_t:s0
portcon sctp 1024-65535 system_u:object_r:unreserved_port_t:s0
/usr/bin/checkmodule: error(s) encountered while parsing configuration
Rules.modular:102: recipe for target 'tmp/base.mod' failed
make[2]: *** [tmp/base.mod] Error 1
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.15.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: default
Versions of packages checkpolicy depends on:
ii libc6 2.27-3
checkpolicy recommends no packages.
checkpolicy suggests no packages.
-- no debconf information
More information about the SELinux-devel
mailing list