--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
08-22-2012, 08:06 AM
Milos Malik
semanage 'utf8' error
Hi Gordon,
if you wanted to load the policy module into memory, here is the command:
# semodule -i ./puppetmaster.pp
Milos
----- Original Message -----
> Hi List
>
>
> I am trying to install a set of selinux rule definitions, but when I
> run
>
> # semanage -i ./puppetmaster.pp
>
>
> to install the rules, I get the following error message:
>
> /usr/sbin/semanage: utf8
>
>
> I get exit code 1, and my module does not load.
>
>
> My system is RHEL 6.3 with latest updates.
>
>
> It is in the 'en_US.UTF-8' locale.
>
>
> What does this error message mean?
>
> I have tried various LANG env var changes, but can't get the rules to
> load.
>
>
> This is the '.te' file which compiles successfully into the
> 'puppetmaster.pp' file:
>
>
>
>
> module puppetmaster 1.0;
>
> require {
> type httpd_passenger_helper_t;
> type puppet_var_run_t;
> type puppet_log_t;
> type puppet_var_lib_t;
> type user_devpts_t;
> type httpd_t;
> type proc_net_t;
> type certmonger_t;
> class file { rename setattr relabelfrom create write read
> getattr
> relabelto open };
> class dir { search setattr relabelfrom create write read
> getattr
> rmdir remove_name relabelto add_name };
> class chr_file { read write };
> }
>
> #============= certmonger_t ==============
> #!!!! The source type 'certmonger_t' can write to a 'dir' of the
> following
> types:
> # certmonger_var_lib_t, certmonger_var_run_t, cert_t,
> dirsrv_config_t,
> var_lib_t, var_run_t, root_t
>
> allow certmonger_t puppet_var_lib_t:dir { write search getattr
> add_name };
> #!!!! The source type 'certmonger_t' can write to a 'file' of the
> following
> types:
> # certmonger_var_lib_t, certmonger_var_run_t, cert_t,
> dirsrv_config_t,
> root_t
>
> allow certmonger_t puppet_var_lib_t:file { write read create open
> getattr };
>
> #============= httpd_passenger_helper_t ==============
> allow httpd_passenger_helper_t user_devpts_t:chr_file { read write };
>
> #============= httpd_t ==============
> allow httpd_t proc_net_t:file { read getattr open };
> #!!!! The source type 'httpd_t' can write to a 'dir' of the following
> types:
> # httpd_log_t, dirsrv_config_t, httpd_tmp_t, dirsrvadmin_tmp_t,
> httpd_cache_t, httpd_tmpfs_t, httpd_squirrelmail_t, dirsrv_var_log_t,
> zarafa_var_lib_t, dirsrv_var_run_t, httpd_var_run_t,
> dirsrvadmin_config_t,
> squirrelmail_spool_t, passenger_var_run_t, httpdcontent,
> httpd_cobbler_rw_content_t, httpd_munin_rw_content_t,
> httpd_bugzilla_rw_content_t, httpd_cvs_rw_content_t,
> httpd_git_rw_content_t, httpd_sys_rw_content_t,
> httpd_sys_rw_content_t,
> httpd_nagios_rw_content_t, httpd_nutups_cgi_rw_content_t,
> httpd_apcupsd_cgi_rw_content_t, httpd_mediawiki_rw_content_t,
> httpd_squid_rw_content_t, httpd_smokeping_cgi_rw_content_t,
> httpd_prewikka_rw_content_t, httpd_dirsrvadmin_rw_content_t,
> httpd_w3c_validator_rw_content_t, httpd_awstats_rw_content_t,
> httpd_user_rw_content_t
>
> allow httpd_t puppet_log_t:dir { write add_name setattr };
> allow httpd_t puppet_log_t:file { write relabelfrom create relabelto
> };
> allow httpd_t puppet_var_lib_t:dir { setattr relabelfrom create write
> read
> rmdir relabelto remove_name add_name };
> allow httpd_t puppet_var_lib_t:file { write rename create setattr };
> allow httpd_t puppet_var_run_t:dir { search getattr };
>
>
>
> thanks,
> Gordon
>
>
> --
> Gordon Grant
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
08-22-2012, 02:46 PM
Alan Near
semanage 'utf8' error
On Tue, 2012-08-21 at 16:53 +0100, Gordon Grant wrote:
> I am trying to install a set of selinux rule definitions, but when I
> run
> # semanage -i ./puppetmaster.pp
I guess, you’ve mistyped semodule.
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
08-22-2012, 03:16 PM
Gordon Grant
semanage 'utf8' error
Thanks, yes I couldn't see the woods for the trees!
Gordon
On Aug 22, 2012 3:46 PM, "Alan Near" <alannear@alannear.com> wrote:
On Tue, 2012-08-21 at 16:53 +0100, Gordon Grant wrote:
> I am trying to install a set of selinux rule definitions, but when I
> run
> # semanage -i ./puppetmaster.pp
I guess, you’ve mistyped semodule.
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
08-27-2012, 11:56 PM
Daniel J Walsh
semanage 'utf8' error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
semanage -i ./puppetmaster.pp
Was looking for semanage commands within the puppetmaster.pp file to execute
in a transaction.
On 08/22/2012 11:16 AM, Gordon Grant wrote:
> Thanks, yes I couldn't see the woods for the trees!
>
> Gordon
>
> On Aug 22, 2012 3:46 PM, "Alan Near" <alannear@alannear.com
> <mailto:alannear@alannear.com>> wrote:
>
> On Tue, 2012-08-21 at 16:53 +0100, Gordon Grant wrote:
>> I am trying to install a set of selinux rule definitions, but when I run
>> # semanage -i ./puppetmaster.pp
>
> I guess, you’ve mistyped semodule. -- selinux mailing list
> selinux@lists.fedoraproject.org <mailto:selinux@lists.fedoraproject.org>
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
>
> -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
semanage 'utf8' error
