FS#8232 : Flex 2.5.33 unable to compile SELinux reference policies

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#8232 - Flex 2.5.33 unable to compile SELinux reference policies

Attached to Project: Arch Linux
Opened by Anonymous (abelstern) - Saturday, 06 October 2007, 10:47 GMT
Last edited by Roman Kyrylych (Romashka) - Monday, 08 October 2007, 10:37 GMT

Task Type	Bug Report
Category	Packages: Core
Status	Closed
Assigned To	No-one
Architecture	i686
Severity	Medium
Priority	Normal
Reported Version	2007.08.1
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

The SELinux reference policy from http://oss.tresys.com/repos/refpolicy/trunk fails to compile on Arch.
All goes well until checkpolicy is run, which outputs the following error:

/usr/bin/checkpolicy: loading policy configuration from policy.conf
policy/modules/kernel/corenetwork.te:1467:ERROR 'syntax error' at token ':' on line 8223:

allow corenet_unconfined_type node_type:node *;

After some searching on the SELinux mailing list, it seems this is due to a Flex bug in version 2.5.33 (1)
Fedora 6 has fixed this bug, although I'm not quite sure which patches from their SRPM we need.

Fedora 6 Flex SRPM: http://fedora.kiewel-online.de/core/6/source/SRPMS/flex-2.5.4a-41.fc6.src.rpm
(1) http://www.nsa.gov/selinux/list-archive/0702/19134.cfm
http://marc.info/?l=selinux&m=111222126021662&w=2

This task depends upon

Closed by Roman Kyrylych (Romashka)
Monday, 08 October 2007, 10:37 GMT
Reason for closing: None
Additional comments about closing: closed on author's request

Comments (5)
Related Tasks (0/0)

Comment by Jan de Groot (JGC) - Saturday, 06 October 2007, 13:00 GMT

Latest fedora patches are located here:
http://cvs.fedora.redhat.com/viewcvs/devel/flex/

The SRPM you mentioned is quite outdated. Does this work when patching flex with the patches found in fedora CVS?

Comment by Anonymous (abelstern) - Saturday, 06 October 2007, 15:51 GMT

Using the latest fedora patches, checkpolicy still returns the same error. It seems this is not a flex problem after all?

Comment by Anonymous (abelstern) - Saturday, 06 October 2007, 17:24 GMT

Using the latest fedora patches, checkpolicy still returns the same error. It seems this is not a flex problem after all?

Comment by Anonymous (abelstern) - Saturday, 06 October 2007, 17:55 GMT

Compiling libsepol, flex, libselinux and checkpolicy from the Fedora 7 SRPMs (with patches) did not work, either.
But when I downloaded the checkpolicy RPM from Fedora 7 (1) it worked fine.
The only recursive dependency of checkpolicy (flex' dependencies excluded) I did not compile with Fedora patches is yacc.
(http://fedora.kiewel-online.de/linux/updates/7/i386/checkpolicy-2.0.3-1.fc7.i386.rpm)

Comment by Anonymous (abelstern) - Saturday, 06 October 2007, 17:58 GMT

Checkpolicy works fine when compiled (without any further patches on flex or the selinux libs) using byacc rather than bison.
So this was no flex problem after all, and as checkpolicy is an AUR package, I will file a bug there.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

Arch Linux

FS#8232 - Flex 2.5.33 unable to compile SELinux reference policies

Details

Loading...