Git Product home page Git Product logo

Comments (3)

rammohanreddy434 avatar rammohanreddy434 commented on August 15, 2024 1

HI,
If i Compile reference policy as a MLS type in build.conf file ,then i'm getting this below error at audit2allow run time.

libsepol.sepol_context_to_sid: could not convert system_u:system_r:systemd_cgroups_t:s0 to sid libsepol.context_from_record: type systemd_logind_t is not defined libsepol.context_from_record: could not create context structure.

generate policy using audit2allow
#!!!! This avc is a constraint violation. You would need to modify the attributes of either the source or target types to allow this access. #Constraint rule: 
mlsconstrain dir { create } ((l1 eq l2 -Fail-) or (t1 == mlsfileupgrade -Fail-) and (l1 domby l2 -Fail-) or (t1 == mlsfiledowngrade -Fail-) and (l1 dom l2) or (t1 == mlsfiledowngrade -Fail-)D

Possible cause is the source level (s15:c0.c1023) and target level (s0) are different.

The following is my build.conf file

TYPE =mls
NAME = refpolicy
UNK_PERMS = allow
DIRECT_INITRC = y
MONOLITHIC = n
UBAC = y
CUSTOM_BUILDOPT =
MLS_SENS = 16
MLS_CATS = 1024
MCS_CATS = 1024
QUIET = n

Please suggest me what was the problem...

Thanks,

from refpolicy.

pebenito avatar pebenito commented on August 15, 2024

Is MLS disabled in your policy? This seems like an audit2allow problem, not a refpolicy problem.

from refpolicy.

rammohanreddy434 avatar rammohanreddy434 commented on August 15, 2024

Got the solution for the above problem .
After adding the setrans. conf file in refpolicy directory then problem solved....

Now i',m facing the other problem while in enforcement mode ,

*** Warning -- SELinux refpolicy policy relabel is required.
*** Relabeling could take a very long time, depending on file
*** system size and speed of hard drives.
cat: /.autorelabel: No such file or directory
Warning: Skipping the following R/O filesystems:
/sys/fs/cgroup
Relabeling / /dev /dev/pts /dev/shm /run /run/lock /sys
/ 100.0%
/dev 100.0%
/dev/pts 100.0%
/dev/shm 100.0%
/run 100.0%
/run/lock 100.0%
/sys 100.0%

Please suggest me what was the problem..
Thanks,

from refpolicy.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.