selinux October 2012 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Question about policy module error message

Question about policy module error message

From: Moyer, Thomas - 0668 - MITLL <thomas.moyer_at_nospam>
Date: Tue Oct 23 2012 - 19:28:16 GMT
To: "" <>

I am trying to build an SELinux policy module for a piece of software I am
writing. I used sepolgen to create an initial skeleton policy (running on
Red Hat Enterprise Linux 6). I get the following error when I try and
install the policy:

sudo ./
Building and Loading Policy
+ make -f /usr/share/selinux/devel/Makefile
make: Nothing to be done for `all'.
+ /usr/sbin/semodule -i interface.pp
libsemanage.semanage_fc_sort: WARNING: semanage_fc_sort: Incomplete context.
libsepol.sepol_context_from_string: malformed context "dnl"
libsepol.sepol_context_from_string: could not construct context from string
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert dnl to sid
invalid context dnl
libsemanage.semanage_install_active: setfiles returned error code 1.
/usr/sbin/semodule: Failed!

Below is the interface.fc file since I think the error might be in there.
/usr/local/bin/interface --
/usr/local/libexec/interface gen_context(system_u:object_r:usr_t,s0)
/usr/local/libexec/interface/WebApp.jar --
/usr/local/libexec/interface/keystore --

Not sure how to go about debugging this.

Thanks for the help.


-- Thomas Moyer, Technical Staff voice: (781) 981-1374 Cyber Systems Technology Group mobile: (857) 268-0493 MIT Lincoln Laboratory email: 244 Wood Street Lexington, MA 02420

-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to with the words "unsubscribe selinux" without quotes as the message.