cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cannot compile selinux policy - SQL Anywhere 17.0.4.2098

Former Member

on ‎2016 Aug 10 8:01 PM

0 Kudos
1,563

On a brand new installation of SQL Anywhere 17.0.4.2098 on CentOS 7 x86_64 (build 1511), I have followed the instructions in /opt/sqlanywhere17/selinux/README ... this is what happens when running make:

[root@localhost selinux]# source ../bin64/sa_config.sh
[root@localhost selinux]# make
make: Warning: File `sqlanywhere.if' has modification time 846 s in the future
Compiling targeted sqlanywhere module
/usr/bin/checkmodule:  loading policy configuration from tmp/sqlanywhere.tmp
sqlanywhere.te":145:ERROR 'unknown type sqlanywhere_domains' at token ';' on line 7058:
        typeattribute sqlanywhere_domains  kernel_system_state_reader;
#line 145
/usr/bin/checkmodule:  error(s) encountered while parsing configuration
make: *** [tmp/sqlanywhere.mod] Error 1

The contents of Makefile are:

# installation paths
SHAREDIR := /usr/share/selinux

AWK ?= gawk
NAME ?= $(strip $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config))

ifeq ($(MLSENABLED),)
        MLSENABLED := 1
endif

ifeq ($(MLSENABLED),1)
        NTYPE = mcs
endif

ifeq ($(NAME),mls)
        NTYPE = mls
endif

TYPE ?= $(NTYPE)

HEADERDIR := $(SHAREDIR)/devel/include
include $(HEADERDIR)/Makefile

I can't get this to compile... what's up? I can't get the service to start with selinux enforcing.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
Former Member
‎2016 Aug 11 4:50 PM
0 Kudos

we're looking into this ...

As far as I know CentOS support of SELinux was a new feature of CentOS 7 and it may just not be configured or may have it's own issues.

On the other hand, the exception you are seeing seems more fundamental and may indicate something else. The feature you are using was designed back in the 11.0.x days and was function on Red Hat Enterprise Linux 5 and has not changed in any significant way since then.

someone will follow up with more info ...

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎2016 Aug 11 6:46 PM

The implementation of selinux was designed and tested for Red Hat Enterprise Linux 5 and the feature provided only has that guarantee. It may need to be adjusted to work with other distributions; may even possibly required even with newer versions or RHEL. And since RHEL 5 is still a supported platform we cannot reject the current implementation.

One would need to look into the behaviour you are seeing in more detail. One part of that exercise would likely need to start by comparing the sqlanywhere.tmp generated on CentOS 7 and compare that to that generated on the supported platform. A comparison of the GCC version level and GNU libraries might also reveal something more about this failure.

If you continue to work on this do share your additional findings. If at some point you need more assistance I would recommend contacting SAP Product Support so this can be worked on.

Show replies
Show replies
Ask a Question