On Wed, Nov 17, 2010 at 09:41:49PM +0100, luc nac wrote:
> Now I am trying to use SELinux (targeted policy) in a brand new Gentoo
> stage3 (Kernel 2.6.32-hardened-r9), I tried all versions of
> selinux-base-policy available, but relabeling the file system always
> fails with the same error: "filespec_add: Conflicting specifications
> for ...".
> Am I still doing something wrong? The only thing that I can do to run
> SELinux in Gentoo is try to make my own ebuild?

This is a cosmetic error and shouldn't really be an issue (though I don't
have it myself with a more recent policy snapshot). It means that there are
multiple rules that match the given file, and that the rules might apply a
different label to the inode.

You can see the matching rule(s) using matchpathcon I think:

~# matchpathcon /usr/lib/misc/glibc/getconf
/usr/lib/misc/glibc/getconf     system_u:object_r:lib_t

> # rlpkg -a -r
> Relabeling filesystem types: ext2 ext3 jfs xfs
> filespec_add:  conflicting specifications for /usr/bin/getconf and
> /usr/lib/misc/glibc/getconf/POSIX_V6_ILP32_OFFBIG, using
> system_u:object_r:lib_t.

Looks like it got the right one (unless I'm also running the wrong one ;-)

Wkr,
	Sven Vermeulen