[DSE-Dev] Bug#668954: policycoreutils: /usr/bin/sandbox "Invalid argument" error

Alejandro Carrazzoni ale.carrazzoni at gmail.com
Mon Apr 16 00:52:23 UTC 2012 

Package: policycoreutils
Version: 2.1.10-6
Severity: grave
Tags: upstream
Justification: renders package unusable

When attempting to use the sandbox command on permissive mode, without the -H
or -T options, the following error message appears, regardless of the command
entered:

/usr/bin/sandbox: [Errno 22] Invalid argument

When attempting to use the command with the -H and -T options, a different
error message appeared, regardless of command used:

Could not set exec context to
unconfined_u:unconfined_r:sandbox_x_t:s0:c236,c539.
Failed to remove directory /tmp/.sandbox-root-vfZJIt: No such file or directory

Therefore I can't use the sandbox command. When attempting to run it under
enforced mode, it isn't allowed to run due to missing type enforcement
policies. If I add the missing policies, the same errors that appear on
permissive mode show up.



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages policycoreutils depends on:
ii  dpkg              1.16.2
ii  libaudit0         1:1.7.18-1.1
ii  libc6             2.13-27
ii  libcap-ng0        0.6.6-1
ii  libcap2           1:2.22-1
ii  libcgroup1        0.37.1-1
ii  libdbus-1-3       1.5.12-1
ii  libdbus-glib-1-2  0.98-1
ii  libglib2.0-0      2.32.0-4
ii  libpam0g          1.1.3-7
ii  libpcre3          1:8.30-4
ii  libselinux1       2.1.9-4
ii  libsemanage1      2.1.6-5
ii  libsepol1         2.1.4-3
ii  lsb-base          4.1+Debian0
ii  psmisc            22.16-1
ii  python            2.7.2-10
ii  python-ipy        1:0.75-1
ii  python-selinux    2.1.9-4
ii  python-semanage   2.1.6-5
ii  python-sepolgen   1.1.5-3
ii  python-setools    3.3.7-2
ii  python2.6         2.6.7-4
ii  python2.7         2.7.3~rc2-2

Versions of packages policycoreutils recommends:
ii  selinux-policy-default  2:2.20110726-3

Versions of packages policycoreutils suggests:
pn  selinux-policy-dev  <none>

-- no debconf information

More information about the SELinux-devel mailing list