Search Criteria
Package Details: selinux-refpolicy-arch 20240916-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/selinux-refpolicy-arch.git (read-only, click to copy) |
|---|---|
| Package Base: | selinux-refpolicy-arch |
| Description: | Modular SELinux reference policy including headers and docs with Arch Linux patches |
| Upstream URL: | https://github.com/SELinuxProject/refpolicy/wiki |
| Keywords: | selinux |
| Licenses: | GPL2 |
| Groups: | selinux |
| Submitter: | IooNag |
| Maintainer: | IooNag |
| Last Packager: | IooNag |
| Votes: | 11 |
| Popularity: | 0.000475 |
| First Submitted: | 2016-01-05 18:05 (UTC) |
| Last Updated: | 2025-01-06 16:36 (UTC) |
Dependencies (5)
- policycoreutilsAUR
- checkpolicyAUR (make)
- git (git-gitAUR, git-glAUR) (make)
- python (python37AUR, python311AUR, python310AUR) (make)
- semodule-utilsAUR (make)
Latest Comments
IooNag commented on 2024-12-29 13:53 (UTC)
@spease, I am currently on holidays with limited Internet connectivity. I saw your message but will probably only be able to work on it from Monday January, 6th. By the way, I mentioned last week on https://github.com/archlinuxhardened/selinux/issues/126#issuecomment-2558460206 , I am aware that selinux-refpolicy-arch has been lagging behind the releases of refpolicy for 1 year, due to lack of time to properly test each release on my side. If you test the latest release and open an issue or a Pull Request (on https://github.com/archlinuxhardened/selinux) saying "I tested refpolicy version 2.20240916 with the build config from https://github.com/archlinuxhardened/selinux-policy-arch/commit/015826e9f9e4449da94b170e287385f88a4f193d and it works", it will help me be more confident when performing updates :)
spease commented on 2024-12-29 10:55 (UTC)
This package hasn't been updated since 2023 and I'm encountering problems with Firefox when trying to use it (https://github.com/SELinuxProject/refpolicy/issues/843). Is it still being updated?
IooNag commented on 2021-01-31 17:50 (UTC)
@huskiesrock1884 Please report such issues upstream, on https://github.com/SELinuxProject/refpolicy/issues
huskiesrock1884 commented on 2021-01-30 20:06 (UTC) (edited on 2021-01-30 20:40 (UTC) by huskiesrock1884)
After over a year I am still encountering errors in the lockdown subsystem where kmod_t and udev_t forbid the use of tracefs. I've been able to skate without rules allowing confidentiality for these types up until last kernel update, at which point I'm seeing log errors that look like this:
AVC avc: denied {confidentiality} for pid=325 comm=systemd-udevd lockdown reason="use of tracefs" scontext=system_u:system_r:udev_t tcontext=system_u:system_r:udev_t tclass=lockdown permissive=0
Could not create tracefs "filter" entry Could not create tracefs "id" entry Could not create tracefs "enable" entry ...
These are showing up practically thousands of times and making it impossible to read the log when it's needed to diagnose problems (after kernel or application panic for instance). Masking tracefs, which one would think prevents it from loading thereby attempts made to use it, doesn't help.
Vhw9w commented on 2019-11-24 05:20 (UTC)
python3 -t -t -E -W error support/sedoctool.py -b policy/booleans.conf -m policy/modules.conf -x doc/policy.xml File "support/sedoctool.py", line 269 if desc.data is not '': ^ SyntaxError: "is not" with a literal. Did you mean "!="? make: *** [Makefile:405: conf.intermediate] Error 1