|
On a brand new installation of SQL Anywhere 17.0.4.2098 on CentOS 7 x86_64 (build 1511), I have followed the instructions in /opt/sqlanywhere17/selinux/README ... this is what happens when running make: [root@localhost selinux]# source ../bin64/sa_config.sh
[root@localhost selinux]# make
make: Warning: File `sqlanywhere.if' has modification time 846 s in the future
Compiling targeted sqlanywhere module
/usr/bin/checkmodule: loading policy configuration from tmp/sqlanywhere.tmp
sqlanywhere.te":145:ERROR 'unknown type sqlanywhere_domains' at token ';' on line 7058:
typeattribute sqlanywhere_domains kernel_system_state_reader;
#line 145
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/sqlanywhere.mod] Error 1
The contents of Makefile are: # installation paths
SHAREDIR := /usr/share/selinux
AWK ?= gawk
NAME ?= $(strip $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config))
ifeq ($(MLSENABLED),)
MLSENABLED := 1
endif
ifeq ($(MLSENABLED),1)
NTYPE = mcs
endif
ifeq ($(NAME),mls)
NTYPE = mls
endif
TYPE ?= $(NTYPE)
HEADERDIR := $(SHAREDIR)/devel/include
include $(HEADERDIR)/Makefile
I can't get this to compile... what's up? I can't get the service to start with selinux enforcing. |
|
The implementation of selinux was designed and tested for Red Hat Enterprise Linux 5 and the feature provided only has that guarantee. It may need to be adjusted to work with other distributions; may even possibly required even with newer versions or RHEL. And since RHEL 5 is still a supported platform we cannot reject the current implementation. One would need to look into the behaviour you are seeing in more detail. One part of that exercise would likely need to start by comparing the sqlanywhere.tmp generated on CentOS 7 and compare that to that generated on the supported platform. A comparison of the GCC version level and GNU libraries might also reveal something more about this failure. If you continue to work on this do share your additional findings. If at some point you need more assistance I would recommend contacting SAP Product Support so this can be worked on. |
we're looking into this ...
As far as I know CentOS support of SELinux was a new feature of CentOS 7 and it may just not be configured or may have it's own issues.
On the other hand, the exception you are seeing seems more fundamental and may indicate something else. The feature you are using was designed back in the 11.0.x days and was function on Red Hat Enterprise Linux 5 and has not changed in any significant way since then.
someone will follow up with more info ...