[DSE-Dev] Bug#668174: policycoreutils: semanage fails with traceback when adding a permissive domain

Dan McGrath danmcgrath.ca at gmail.com
Mon Apr 9 13:00:57 UTC 2012 

Package: policycoreutils
Version: 2.0.82-3
Severity: normal


While in enforcing mode and trying to add a permissive domain to test a
problem, I noticed that I would get the traceback below about a missing
directory.

Sample command+output:
----------------------
# semanage permissive -a http_t
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 460, in <module>
    process_args(sys.argv[1:])
  File "/usr/sbin/semanage", line 363, in process_args
    OBJECT.add(target)
  File "/usr/lib/pymodules/python2.6/seobject.py", line 275, in add
    os.chdir(dirname)
OSError: [Errno 2] No such file or directory: '/var/lib/selinux'

sestatus output:
----------------
# sestatus -v
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        default

Process contexts:
Current context:                staff_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
Init context:                   system_u:system_r:init_t:s0

File contexts:
Controlling term:               staff_u:object_r:user_devpts_t:s0
/etc/passwd                     system_u:object_r:etc_t:s0
/etc/shadow                     system_u:object_r:shadow_t:s0
/bin/bash                       system_u:object_r:shell_exec_t:s0
/bin/login                      system_u:object_r:login_exec_t:s0
/bin/sh                         system_u:object_r:bin_t:s0 ->
system_u:object_r:shell_exec_t:s0
/sbin/agetty                    system_u:object_r:getty_exec_t:s0
/sbin/init                      system_u:object_r:init_exec_t:s0
/lib/libc.so.6                  system_u:object_r:lib_t:s0 ->
system_u:object_r:lib_t:s0
/lib/ld-linux.so.2              system_u:object_r:lib_t:s0 ->
system_u:object_r:ld_so_t:s0


-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages policycoreutils depends on:
ii  libaudit0             1.7.13-1+b2        Dynamic library for security audit
ii  libc6                 2.11.3-3           Embedded GNU C Library: Shared lib
ii  libpam0g              1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii  libselinux1           2.0.96-1           SELinux runtime shared libraries
ii  libsemanage1          2.0.45-1           SELinux policy management library.
ii  libsepol1             2.0.41-1           SELinux library for manipulating b
ii  lsb-base              3.2-23.2squeeze1   Linux Standard Base 3.2 init scrip
ii  python                2.6.6-3+squeeze6   interactive high-level object-orie
ii  python-selinux        2.0.96-1           Python bindings to SELinux shared
ii  python-semanage       2.0.45-1           Python bindings  for SELinux polic
ii  python-sepolgen       1.0.23-1           A Python module used in SELinux po

Versions of packages policycoreutils recommends:
ii  selinux-policy 2:0.2.20100524-7+squeeze1 Strict and Targeted variants of th

policycoreutils suggests no packages.

-- no debconf information

More information about the SELinux-devel mailing list