[DSE-Dev] Bug#677730: policycoreutils: sepolgen-ifgen doesn't work if policy utils are newer than the kernel

[Russell Coker]

Package: policycoreutils
Version: 2.1.10-8
Severity: normal

When sepolgen-ifgen is run it first looks at the policyvers file in the
selinuxfs and then looks at the running policy.  If policyvers says version
24 (IE the kernel from Squeeze) and all the utilities are from Wheezy (which
generate a policy.26 file) then load_policy works fine (it downgrades the
policy to version 24) but sepolgen-ifgen doesn't work as it starts looking
at version 24 and then looks for lower numbers.

If sepolgen-ifgen can't find a policy that matches the kernel version then it
should start with the highest number it supports and then work it's way down.

-- System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages policycoreutils depends on:
ii  dpkg              1.16.4.2
ii  libaudit0         1:1.7.18-1.1
ii  libc6             2.13-33
ii  libcap-ng0        0.6.6-1
ii  libcap2           1:2.22-1.1
ii  libcgroup1        0.37.1-2
ii  libdbus-1-3       1.6.0-1
ii  libdbus-glib-1-2  0.98-1
ii  libglib2.0-0      2.32.3-1
ii  libpam0g          1.1.3-7.1
ii  libpcre3          1:8.30-5
ii  libselinux1       2.1.9-5
ii  libsemanage1      2.1.6-6
ii  libsepol1         2.1.4-3
ii  lsb-base          4.1+Debian7
ii  psmisc            22.17-2
ii  python            2.7.3~rc2-1
ii  python-ipy        1:0.75-1
ii  python-selinux    2.1.9-5
ii  python-semanage   2.1.6-6
ii  python-sepolgen   1.1.5-3
ii  python-setools    3.3.7-2
ii  python2.6         2.6.7-4
ii  python2.7         2.7.3~rc2-2.1

Versions of packages policycoreutils recommends:
ii  selinux-policy-default  2:2.20110726-5

Versions of packages policycoreutils suggests:
ii  selinux-policy-dev  2:2.20110726-5

-- no debconf information