rebuilding without make bare after changing CONFIG_BUILD variables has unpredictable behavior #179
Labels
Milestone
Comments
|
Can you please take a look at this |
This is a symptom of a bad file context -- typically it results from semodule failing to load the base policy module because it contains a bad file context. I built off of master with a diff --git a/packages/clip-selinux-policy/clip-selinux-policy.spec b/packages/clip-selinux-policy/clip-selinux-policy.spec
index f8b0e7b..3bb5a25 100644
--- a/packages/clip-selinux-policy/clip-selinux-policy.spec
+++ b/packages/clip-selinux-policy/clip-selinux-policy.spec
@@ -128,7 +128,7 @@ fi
%define loadpolicy() \
. %{_sysconfdir}/selinux/config; \
-( cd /usr/share/selinux/%1; semodule -n -b base.pp.bz2 -i %2 -s %1 &> /dev/null ); \
+( cd /usr/share/selinux/%1; semodule -n -b base.pp.bz2 -i %2 -s %1 &> /tmp/load_policy.log ); \
%define relabel() \
. %{_sysconfdir}/selinux/config; \
@@ -136,7 +136,7 @@ FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
selinuxenabled; \
if [ $? = 0 -a "${SELINUXTYPE}" = %1 -a -f ${FILE_CONTEXT}.pre ]; then \
fixfiles -C ${FILE_CONTEXT}.pre restore; \
- restorecon -RF / &> /dev/null; \
+ restorecon -RF / &> /tmp/relabel.log; \
rm -f ${FILE_CONTEXT}.pre; \
fi;
and did not have any issues with sudo. There were no error messages seen in /tmp/load_policy.log nor /tmp/relabel.log. |
|
Doing a make bare fixes this. It might be an issue with rebuilding when changing variables in CONFIG_BUILD |
ghost
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
trying to use sudo on a debug build results in the following error:
system_u:toor_r:toor_t:s0-s0:c0.c1023 is not a valid context
The system is running in permissive, but this error prevents the sudo command from working
The text was updated successfully, but these errors were encountered: