[DSE-Dev] Bug#888722: Bug#888722: policycoreutils-python-utils: semanage port -a fails when python3-numpy is installed

Andrew Worsley amworsley at gmail.com
Sat Mar 3 03:30:23 UTC 2018


I get a very similar failure doing a simple " semanage login -l "

root at kvm:/home/amw# semanage login -l
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 28, in <module>
    import seobject
  File "/usr/lib/python3/dist-packages/seobject.py", line 34, in <module>
    import sepolicy
  File "/usr/lib/python3/dist-packages/sepolicy/__init__.py", line 8,
in <module>
    import setools
  File "/usr/lib/python3/dist-packages/setools/__init__.py", line 74,
in <module>
    from .infoflow import InfoFlowAnalysis
  File "/usr/lib/python3/dist-packages/setools/infoflow.py", line 22,
in <module>
    import networkx as nx
  File "/usr/lib/python3/dist-packages/networkx/__init__.py", line 93,
in <module>
    import networkx.linalg
  File "/usr/lib/python3/dist-packages/networkx/linalg/__init__.py",
line 9, in <module>
    from networkx.linalg.algebraicconnectivity import *
  File "/usr/lib/python3/dist-packages/networkx/linalg/algebraicconnectivity.py",
line 18, in <module>
    from numpy import (array, asmatrix, asarray, dot, matrix, ndarray, ones,
  File "/usr/lib/python3/dist-packages/numpy/__init__.py", line 142, in <module>
    from . import add_newdocs
  File "/usr/lib/python3/dist-packages/numpy/add_newdocs.py", line 13,
in <module>
    from numpy.lib import add_newdoc
  File "/usr/lib/python3/dist-packages/numpy/lib/__init__.py", line 8,
in <module>
    from .type_check import *
  File "/usr/lib/python3/dist-packages/numpy/lib/type_check.py", line
11, in <module>
    import numpy.core.numeric as _nx
  File "/usr/lib/python3/dist-packages/numpy/core/__init__.py", line
33, in <module>
    from . import _internal  # for freeze programs
  File "/usr/lib/python3/dist-packages/numpy/core/_internal.py", line
14, in <module>
    import ctypes
  File "/usr/lib/python3.5/ctypes/__init__.py", line 537, in <module>
    _reset_cache()
  File "/usr/lib/python3.5/ctypes/__init__.py", line 276, in _reset_cache
    CFUNCTYPE(c_int)(lambda: None)
MemoryError

  * I repeated it with an strace got suspect this snippet might be relevant:

....
stat("/usr/lib/python3.5", {st_mode=S_IFDIR|0755, st_size=12288, ...}) = 0
stat("/usr/lib/python3.5/ctypes/__init__.cpython-35m-x86_64-linux-gnu.so",
0x7ffc31b69430) = -1 ENOENT (No such file or directory)
stat("/usr/lib/python3.5/ctypes/__init__.abi3.so", 0x7ffc31b69430) =
-1 ENOENT (No such file or directory)
stat("/usr/lib/python3.5/ctypes/__init__.so", 0x7ffc31b69430) = -1
ENOENT (No such file or directory)
stat("/usr/lib/python3.5/ctypes/__init__.py", {st_mode=S_IFREG|0644,
st_size=16847, ...}) = 0
stat("/usr/lib/python3.5/ctypes/__init__.py", {st_mode=S_IFREG|0644,
st_size=16847, ...}) = 0
open("/usr/lib/python3.5/ctypes/__pycache__/__init__.cpython-35.pyc",
O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=17508, ...}) = 0
lseek(3, 0, SEEK_CUR)                   = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=17508, ...}) = 0
read(3, "\27\r\r\n\370\310\200X\317A\0\0\343\0\0\0\0\0\0\0\0\0\0\0\0\f\0\0\0@\0\0"...,
17509) = 17508
read(3, "", 1)                          = 0
close(3)                                = 0
mmap(NULL, 262144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x7f56e00a8000
open("/tmp", O_RDWR|O_EXCL|O_DIRECTORY|O_CLOEXEC|O_TMPFILE, 0700) = 3
ftruncate(3, 4096)                      = 0
mmap(NULL, 4096, PROT_READ|PROT_EXEC, MAP_SHARED, 3, 0) = -1 EACCES
(Permission denied)
close(3)                                = 0
open("/var/tmp", O_RDWR|O_EXCL|O_DIRECTORY|O_CLOEXEC|O_TMPFILE, 0700) = 3
ftruncate(3, 4096)                      = 0
mmap(NULL, 4096, PROT_READ|PROT_EXEC, MAP_SHARED, 3, 0) = -1 EACCES
(Permission denied)
close(3)                                = 0
open("/dev/shm", O_RDWR|O_EXCL|O_DIRECTORY|O_CLOEXEC|O_TMPFILE, 0700)
= -1 EACCES (Permission denied)
open("/root", O_RDWR|O_EXCL|O_DIRECTORY|O_CLOEXEC|O_TMPFILE, 0700) =
-1 EACCES (Permission denied)
open("/etc/mtab", O_RDONLY|O_CLOEXEC)   = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "sysfs /sys sysfs rw,seclabel,nos"..., 1024) = 1024
access("/dev", W_OK)                    = -1 EACCES (Permission denied)
access("/", W_OK)                       = -1 EACCES (Permission denied)
access("/sys/fs/selinux", W_OK)         = -1 EACCES (Permission denied)
access("/dev/shm", W_OK)                = -1 EACCES (Permission denied)
read(3, "oup rw,nosuid,nodev,noexec,relat"..., 1024) = 1024
access("/proc/sys/fs/binfmt_misc", W_OK) = -1 EACCES (Permission denied)
access("/sys/kernel/debug", W_OK)       = -1 EACCES (Permission denied)
access("/dev/mqueue", W_OK)             = -1 EACCES (Permission denied)
access("/dev/hugepages", W_OK)          = -1 EACCES (Permission denied)
read(3, "/1000 tmpfs rw,seclabel,nosuid,n"..., 1024) = 90
access("/run/user/1000", W_OK)          = -1 EACCES (Permission denied)
read(3, "", 1024)                       = 0
close(3)                                = 0
open("/proc/mounts", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "sysfs /sys sysfs rw,seclabel,nos"..., 1024) = 1024
access("/dev", W_OK)                    = -1 EACCES (Permission denied)
access("/", W_OK)                       = -1 EACCES (Permission denied)
access("/sys/fs/selinux", W_OK)         = -1 EACCES (Permission denied)
access("/dev/shm", W_OK)                = -1 EACCES (Permission denied)
read(3, "oup rw,nosuid,nodev,noexec,relat"..., 1024) = 1024
access("/proc/sys/fs/binfmt_misc", W_OK) = -1 EACCES (Permission denied)
access("/sys/kernel/debug", W_OK)       = -1 EACCES (Permission denied)
access("/dev/mqueue", W_OK)             = -1 EACCES (Permission denied)
access("/dev/hugepages", W_OK)          = -1 EACCES (Permission denied)
read(3, "/1000 tmpfs rw,seclabel,nosuid,n"..., 1024) = 90
access("/run/user/1000", W_OK)          = -1 EACCES (Permission denied)
read(3, "", 1024)                       = 0
close(3)                                = 0
write(2, "Traceback (most recent call last"..., 35Traceback (most
recent call last):
) = 35
write(2, "  File \"/usr/sbin/semanage\", lin"..., 50  File
"/usr/sbin/semanage", line 28, in <module>
) = 50
open("/usr/sbin/semanage", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0755, st_size=37131, ...}) = 0
....

I'm running debian stretch in kvm with selinux enforcing
root at kvm:/home/amw# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             default
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      30

  semanage from 2.6-3

root at kvm:/home/amw# dpkg -l policycoreutils-python-utils
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name              Version       Architecture  Description
+++-=================-=============-=============-=======================================
ii  policycoreutils-p 2.6-3         amd64         SELinux core policy
utilities (Python u



More information about the SELinux-devel mailing list