audit2allow error and explanation.

While troubleshooting some SELinux enforcement-related issues using audit2allow, an ERROR message presented itself. After some research, a logical explanation was found.

The following error indicates that there were no AVC denials in /var/log/audit/audit.log matching the grep, so the generated module was empty.

[root@centos68opt]# grep iptables /var/log/audit/audit.log | audit2allow -M mypolicy
compilation failed:
mypolicy.te:6:ERROR 'syntax error' at token '' on line 6:


/usr/bin/checkmodule:  error(s) encountered while parsing configuration
/usr/bin/checkmodule:  loading policy configuration from mypolicy.te

That explanation was satisfactory and also correct for this situation. However, when running an all-inclusive command (without grepping for something specific), there were issues that needed to be addressed.

audit2allow -a -M local
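
The empty-module failure described above can be avoided by confirming that the filtered log contains AVC denials before audit2allow runs. The script below is an added example, not part of the original post; the function names, the AUDIT2ALLOW override variable and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): only run audit2allow when the
# filtered log really contains AVC denials, so checkmodule never sees an
# empty mypolicy.te.

# Write a small CONSTRUCTED audit log to $1 for offline experiments.
write_sample_log() {
    cat > "$1" <<'EOF'
type=SYSCALL msg=audit(1500000000.001:101): arch=c000003e syscall=2 success=yes exit=3 comm="iptables" exe="/sbin/iptables" subj=system_u:system_r:iptables_t:s0 key=(null)
type=AVC msg=audit(1500000000.002:102): avc:  denied  { read } for  pid=1234 comm="httpd" name="index.html" dev=dm-0 ino=42 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file
EOF
}

# Print the AVC denial records in log $1 that mention pattern $2.
# A plain "grep iptables" also matches SYSCALL and other record types,
# which audit2allow ignores; this keeps denials only.
avc_denials() {
    grep -E '^type=(AVC|USER_AVC) .*denied' "$1" 2>/dev/null | grep -e "$2"
}

# Build module $3 from the denials in log $1 matching $2.
# Returns 2 without calling audit2allow when there is nothing to compile.
# AUDIT2ALLOW is a hypothetical override for the command name (for testing).
build_module() {
    matches=$(avc_denials "$1" "$2") || true
    if [ -z "$matches" ]; then
        echo "no AVC denials matching '$2' in $1; not building $3" >&2
        return 2
    fi
    printf '%s\n' "$matches" | "${AUDIT2ALLOW:-audit2allow}" -M "$3"
}

# Usage: sh guard.sh /var/log/audit/audit.log iptables mypolicy
if [ "$#" -eq 3 ]; then
    build_module "$@"
fi
```

In the constructed log, grep iptables matches one line, but it is a SYSCALL record and not a denial, which is the situation that produces the empty module.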

Source:
https://www.redhat.com/archives/fedora-selinux-list/2007-May/msg00020.html