Stephen Smalley wrote:
On Thu, 2007-03-29 at 10:49 +0800, Ken YANG wrote:
i want to use findcon to find a type "tmpfs_t". but in FC, there is setools* package contaning findcon. i find that secmds(findcon) is in setools-console subpackage why fc has not this subpackage?
That's a question for Dan Walsh (cc'd above) or fedora-selinux-list.
ok, i have cc to fedora-selinux-list
i down a setools-3.1-1.src.rpm from tresys site, and encounter a build error:
policy_extend.c: In function 'qpol_policy_build_attrs_from_map': policy_extend.c:170: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) policy_extend.c:170: error: (Each undeclared identifier is reported only once policy_extend.c:170: error: for each function it appears in.) policy_extend.c: In function 'qpol_policy_fill_attr_holes': policy_extend.c:246: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) make[4]: *** [policy_extend.o] Error 1 make[4]: Leaving directory `/workbench/rpmbuild/BUILD/setools-3.1/libqpol/src'
i have not find "HASHTAB_OVERFLOW" in selinux trunk, especially in libsepol. where is this symbol defined?
Those error codes were replaced by standard ones (include/sepol/errcodes.h) in the trunk version of libsepol, so you would need to build setools against the stable branch version of libsepol until they update setools.
thank you.
i play some tricks on the setools :-)
in the spec file of setools-3.1-3.fc7, i find "findcon" and other cmds had been removed:
rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon rm -f ${RPM_BUILD_ROOT}/usr/bin/searchcon rm -f ${RPM_BUILD_ROOT}/usr/bin/indexcon rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/searchcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/indexcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/replcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/findcon.1 rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite
so i comment "findcon relative" items, and add corresponding items in "files" list.
it seems that this kind of "findcon" works.
this is a temporary method, i just want to use findcon to search certain context
by the way, i want checkout setools and try again, but tresys "open source project" site can not access, maybe is temporary :-)
Appears to be up now.
On Thu, 2007-03-29 at 19:43 +0800, Ken YANG wrote:
Stephen Smalley wrote:
On Thu, 2007-03-29 at 10:49 +0800, Ken YANG wrote:
i want to use findcon to find a type "tmpfs_t". but in FC, there is setools* package contaning findcon. i find that secmds(findcon) is in setools-console subpackage why fc has not this subpackage?
That's a question for Dan Walsh (cc'd above) or fedora-selinux-list.
ok, i have cc to fedora-selinux-list
i down a setools-3.1-1.src.rpm from tresys site, and encounter a build error:
policy_extend.c: In function 'qpol_policy_build_attrs_from_map': policy_extend.c:170: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) policy_extend.c:170: error: (Each undeclared identifier is reported only once policy_extend.c:170: error: for each function it appears in.) policy_extend.c: In function 'qpol_policy_fill_attr_holes': policy_extend.c:246: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) make[4]: *** [policy_extend.o] Error 1 make[4]: Leaving directory `/workbench/rpmbuild/BUILD/setools-3.1/libqpol/src'
i have not find "HASHTAB_OVERFLOW" in selinux trunk, especially in libsepol. where is this symbol defined?
Those error codes were replaced by standard ones (include/sepol/errcodes.h) in the trunk version of libsepol, so you would need to build setools against the stable branch version of libsepol until they update setools.
thank you.
i play some tricks on the setools :-)
in the spec file of setools-3.1-3.fc7, i find "findcon" and other cmds had been removed:
rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon rm -f ${RPM_BUILD_ROOT}/usr/bin/searchcon rm -f ${RPM_BUILD_ROOT}/usr/bin/indexcon rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/searchcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/indexcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/replcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/findcon.1 rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite
so i comment "findcon relative" items, and add corresponding items in "files" list.
it seems that this kind of "findcon" works.
this is a temporary method, i just want to use findcon to search certain context
How does it differ from find . -context ...?
Stephen Smalley wrote:
On Thu, 2007-03-29 at 19:43 +0800, Ken YANG wrote:
Stephen Smalley wrote:
On Thu, 2007-03-29 at 10:49 +0800, Ken YANG wrote:
i want to use findcon to find a type "tmpfs_t". but in FC, there is setools* package contaning findcon. i find that secmds(findcon) is in setools-console subpackage why fc has not this subpackage?
That's a question for Dan Walsh (cc'd above) or fedora-selinux-list.
ok, i have cc to fedora-selinux-list
i down a setools-3.1-1.src.rpm from tresys site, and encounter a build error:
policy_extend.c: In function 'qpol_policy_build_attrs_from_map': policy_extend.c:170: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) policy_extend.c:170: error: (Each undeclared identifier is reported only once policy_extend.c:170: error: for each function it appears in.) policy_extend.c: In function 'qpol_policy_fill_attr_holes': policy_extend.c:246: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) make[4]: *** [policy_extend.o] Error 1 make[4]: Leaving directory `/workbench/rpmbuild/BUILD/setools-3.1/libqpol/src'
i have not find "HASHTAB_OVERFLOW" in selinux trunk, especially in libsepol. where is this symbol defined?
Those error codes were replaced by standard ones (include/sepol/errcodes.h) in the trunk version of libsepol, so you would need to build setools against the stable branch version of libsepol until they update setools.
thank you.
i play some tricks on the setools :-)
in the spec file of setools-3.1-3.fc7, i find "findcon" and other cmds had been removed:
rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon rm -f ${RPM_BUILD_ROOT}/usr/bin/searchcon rm -f ${RPM_BUILD_ROOT}/usr/bin/indexcon rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/searchcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/indexcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/replcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/findcon.1 rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite
so i comment "findcon relative" items, and add corresponding items in "files" list.
it seems that this kind of "findcon" works.
this is a temporary method, i just want to use findcon to search certain context
How does it differ from find . -context ...?
actually, i forgot it also can be done by "find" :-)) for my purpose,
find certaindir -context "tmpfs_t"
is same with findcon.
but maybe these commands, such as indexcon, will be useful for diagnosing problem in another machine, as said by Christopher j. PeBenito in selinux list
Ken YANG wrote:
Stephen Smalley wrote:
On Thu, 2007-03-29 at 19:43 +0800, Ken YANG wrote:
Stephen Smalley wrote:
On Thu, 2007-03-29 at 10:49 +0800, Ken YANG wrote:
i want to use findcon to find a type "tmpfs_t". but in FC, there is setools* package contaning findcon. i find that secmds(findcon) is in setools-console subpackage why fc has not this subpackage?
That's a question for Dan Walsh (cc'd above) or fedora-selinux-list.
ok, i have cc to fedora-selinux-list
i down a setools-3.1-1.src.rpm from tresys site, and encounter a build error:
policy_extend.c: In function 'qpol_policy_build_attrs_from_map': policy_extend.c:170: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) policy_extend.c:170: error: (Each undeclared identifier is reported only once policy_extend.c:170: error: for each function it appears in.) policy_extend.c: In function 'qpol_policy_fill_attr_holes': policy_extend.c:246: error: 'HASHTAB_OVERFLOW' undeclared (first use in this function) make[4]: *** [policy_extend.o] Error 1 make[4]: Leaving directory `/workbench/rpmbuild/BUILD/setools-3.1/libqpol/src'
i have not find "HASHTAB_OVERFLOW" in selinux trunk, especially in libsepol. where is this symbol defined?
Those error codes were replaced by standard ones (include/sepol/errcodes.h) in the trunk version of libsepol, so you would need to build setools against the stable branch version of libsepol until they update setools.
thank you.
i play some tricks on the setools :-)
in the spec file of setools-3.1-3.fc7, i find "findcon" and other cmds had been removed:
rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon rm -f ${RPM_BUILD_ROOT}/usr/bin/searchcon rm -f ${RPM_BUILD_ROOT}/usr/bin/indexcon rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/searchcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/indexcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/replcon.1 rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/findcon.1 rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite
so i comment "findcon relative" items, and add corresponding items in "files" list.
it seems that this kind of "findcon" works.
this is a temporary method, i just want to use findcon to search certain context
How does it differ from find . -context ...?
actually, i forgot it also can be done by "find" :-)) for my purpose,
find certaindir -context "tmpfs_t"
is same with findcon.
but maybe these commands, such as indexcon, will be useful for diagnosing problem in another machine, as said by Christopher j. PeBenito in selinux list
setools-3_1-4_fc7 will have those tools.
selinux@lists.fedoraproject.org