Bug#362025: marked as done (semanage: segmentation fault when trying to load base policy module)

Debian Bug Tracking System Sat, 19 Aug 2006 11:24:29 -0700

Your message dated Sat, 19 Aug 2006 12:54:41 -0500
with message-id <[EMAIL PROTECTED]>
and subject line This has been fixed in the latest round of upgrades
has caused the attached Bug report to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

Package: policycoreutils
Version: 1.28-6
Severity: normal

I tried to load policy modules.
I packaged the default policy into a base policy as described here:
http://sepolicy-server.sourceforge.net/index.php?page=module-overview

Then I did this:
#semodule -v -b base.pp
I first got an error about missing seusers from /etc/selinux/./modules/active, 
so I copied it there.
Then I ran the command again, and I got a segfault:

Attempting to install base module '/etc/selinux/src/base.pp':
Ok: return value of 0.
Committing changes:

Program received signal SIGSEGV, Segmentation fault

Here it is the backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x000000306590bc24 in semanage_module_get_version () from /lib/libsemanage.so.1
(gdb) bt
#0  0x000000306590bc24 in semanage_module_get_version () from 
/lib/libsemanage.so.1
#1  0x000000306591108c in semanage_seuser_iterate () from /lib/libsemanage.so.1
#2  0x0000003065907c5b in semanage_context_to_string () from 
/lib/libsemanage.so.1
#3  0x0000003065907239 in semanage_context_to_string () from 
/lib/libsemanage.so.1
#4  0x0000003065907859 in semanage_context_to_string () from 
/lib/libsemanage.so.1
#5  0x0000003065910e47 in semanage_seuser_iterate () from /lib/libsemanage.so.1
#6  0x000000306590c7ef in semanage_module_get_version () from 
/lib/libsemanage.so.1
#7  0x00000030659104d3 in semanage_reload_policy () from /lib/libsemanage.so.1
#8  0x0000003065909d58 in semanage_msg_set_callback () from 
/lib/libsemanage.so.1
#9  0x000000306590acd6 in semanage_commit () from /lib/libsemanage.so.1
#10 0x00000000004017f4 in ?? ()
#11 0x000000300d11c4ca in __libc_start_main () from /lib/libc.so.6
#12 0x00000000004011ca in ?? ()
#13 0x00007fffffdafcc8 in ?? ()
#14 0x00000030001179c0 in rtld_errno () from /lib64/ld-linux-x86-64.so.2
#15 0x0000000000000004 in ?? ()
#16 0x00007fffffdb0694 in ?? ()
#17 0x00007fffffdb06a7 in ?? ()
#18 0x00007fffffdb06aa in ?? ()
#19 0x00007fffffdb06ad in ?? ()
#20 0x0000000000000000 in ?? ()

Maybe semodule can't handle the debian selinux policy, so I downloaded the 
reference policy, built it as targeted, and modular.
I installed it, and then tried loading the base module. Same segmentation fault.

The contents of my seusers file is this (copied from reference 
policy/config/app-targeted/seusers):
root:root
__default__:user_u

Is this correct?
I found this thread http://www.nsa.gov/selinux/list-archive/0511/13542.cfm 
talking about the problem of migrating from
monolithic to modular policy, and the need of creating seusers. I did create 
seusers, and I got that segfault.
Maybe modular policy needs more files to be copied, does anybody know what else 
is needed?

Anyway semanage shouldn't segfault if it misses some files, it should give an 
error message.
Let me know if I can help you in fixing this bug (by providing more detailed 
information, testing patches, etc.)

P.S.: Is the Debian BTS the proper place to file SELinux tools bugs?

Thanks,
Edwin


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-amd64-k8
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages policycoreutils depends on:
ii  libc6                         2.3.6-5    GNU C Library: Shared libraries an
ii  libpam0g                      0.79-3.1   Pluggable Authentication Modules l
ii  libselinux1                   1.30-1     SELinux shared libraries
ii  libsemanage1                  1.4-4      shared libraries used by SELinux p
ii  libsepol1                     1.12-1     Security Enhanced Linux policy lib
ii  python2.4                     2.4.2-2    An interactive high-level object-o
ii  python2.4-selinux             1.30-1     Python2.4 bindings to SELinux shar
ii  python2.4-semanage            1.4-4      Python2.4 bindings  for SELinux po

policycoreutils recommends no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

Hi,

        The policycoreutils and refpolicy in Sid are now compatible
 with each other.

        Thanks for your interest in SELinux.

        manoj
-- 
"Call immediately.  Time is running out.  We both need to do something
monstrous before we die." -- Message from Ralph Steadman to Hunter
Thompson
Manoj Srivastava     <[EMAIL PROTECTED]>    <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

--- End Message ---

Bug#362025: marked as done (semanage: segmentation fault when trying to load base policy module)

Reply via email to