Errors when using negations in interface calls

Question

Errors when using negations in interface calls

Closed this issue 2 years ago · 6 comments

kernel.if:         [16](https://github.com/SELinuxProject/refpolicy/actions/runs/3053849671/jobs/4924997080#step:7:17)73: (F): syntax error, unexpected DASH (F-001)
 1673 |     init_write_mountpoint_files($1, -proc_type)
      |                                     ^
kernel.if:         1673: (F): Error: Invalid statement (F-001)
 1673 |     init_write_mountpoint_files($1, -proc_type)
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Error: Failed to parse files

https://github.com/SELinuxProject/refpolicy/actions/runs/3053849671/jobs/4924997080#step:7:18

dburgener commented 2 years ago

#245

Answer 1 · 2022-09-17T11:55:20.000Z

Should be fixed by 41a575e

Answer 2 · 2022-09-17T12:21:12.000Z

Thanks for the report, @pebenito and the diagnosis @cgzones. I guess we need a new release to include that commit. Probably v1.3.0. I can make a CHANGELOG update this weekend for that. Christian, what's the path at that point to getting the release to refpolicy? Does it need to make it into a debian release?

Answer 3 · 2022-09-17T12:35:10.000Z

The CI of Refpolicy uses the SELint version from Debian testing.
So it would require a new Debian release and a couple of days migration time from Debian unstable to testing.

Answer 4 · 2022-09-17T14:19:31.000Z

I'm open to a patch that will change refpolicy CI to build a selint tag, similar to how it does for the userspace.

Answer 5 · 2022-09-17T23:05:16.000Z

v1.3.0 is released now, so that is available as needed. Currently Christian's PR to build selint in the refpolicy CI goes directly to the commit hash fixing it, so the release is no longer strictly necessary, but it is available. Regardless, I think this is addressed from the selint side, so I'm going to close this issue and let the refpolicy PR run its course complete the resolution.