Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Red Hat This forum is for the discussion of Red Hat Linux.


  Search this Thread
Old 05-11-2009, 09:25 AM   #1
LQ Newbie
Registered: May 2009
Posts: 2

Rep: Reputation: 0
Unhappy SELinux: RHEL4 to RHEL5 rules migration - unknown type var_lib_t in RHEL5


I try to rewrite RHEL4 SELinux jboss rule to RHEL5. I have troubles with porting jboss.te file to RHEL5 because RHEL5 is missing basic attributes like: var_lib_t, sysadmfile, initrc_t, sysadm_t, fonts_t, proc_t and other basic types. Can you tell me how to replace these missing types or what to install if I miss something?

In RHEL4 these missing types are defined in files stored in /etc/selinux/targeted/src/policy/domains/program.
On RHEL5 there is no such files and these types are not defined at all.
I tried to copy these files from RHEL4 to RHEL5 but make on RHEL5 does not see them and still returns errors like this one:

Compiling targeted jboss module
/usr/bin/checkmodule: loading policy configuration from tmp/jboss.tmp
jboss.te:113:ERROR 'unknown type var_lib_t' at token ';' on line 92422:
allow jboss_t var_lib_t:dir search;
#allow jboss_t fonts_t:file r_file_perms;
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/jboss.mod] Error 1

please help,
Old 05-11-2009, 10:43 AM   #2
Registered: Feb 2009
Posts: 63

Rep: Reputation: 16
Contexts should be somewhere in /etc/selinux/targeted/.* as .*context(s?). Attaching your semodule plaintext sources could help.
Old 05-12-2009, 03:14 AM   #3
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,893

Rep: Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613Reputation: 2613
Given that RH own RHEL & JBOSS, a fresh install of both should produce a working system. SELinux was amended considerably between the 2 versions. I wouldn't bother trying to port the old SELinux rules.
In fact, I saw somewhere in the docs that they don't support upgrades across major RHEL versions eg RHEL 4 -> 5 and this is probably one of the reasons why; too much has changed to reliably produce a reliable system.

Last edited by chrism01; 05-12-2009 at 03:16 AM.


error, selinux, token, type, unknown

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Upgrade RHEL4 to RHEL5 mfons Linux - Server 3 03-06-2009 03:45 AM
Determining patch level of Redhat RHEL5 vs RHEL5.1 or RHEL4.5-4.6 dfezz1 Linux - Newbie 2 01-23-2009 09:17 AM
SELinux is blocking Webalizer on RHEL5.2 Install BeauSanders Linux - Security 1 10-01-2008 02:17 PM
Downrev from RHEL5 to RHEL4 rhe Linux - Newbie 1 06-11-2008 05:58 AM
Rhel4/ Rhel5 rehan999 Linux - Software 2 08-31-2007 11:42 PM > Forums > Linux Forums > Linux - Distributions > Red Hat

All times are GMT -5. The time now is 05:15 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration