Your message dated Mon, 11 Sep 2006 17:47:38 -0500 with message-id <[EMAIL PROTECTED]> and subject line These bugs have been fixed in the current incarnation of repolicy has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: selinux-policy-refpolicy-targeted Version: 0.0.20060813-2 Severity: normal (as usual, making a guess as to the likeliest package involved) After upgrading selinux-policy-refpolicy-targeted to 0.0.20060813-1 tonight, I've started seeing errors from everything which checks file_contexts before creating files -- dpkg, install(1), etc. A typical example would be this one (I've uniq'd the errors): Selecting previously deselected package libcompress-zlib-perl. (Reading database ... 29728 files and directories currently installed.) Unpacking libcompress-zlib-perl (from .../libcompress-zlib-perl_1.41-1_powerpc.deb) ... file_contexts: invalid context system_u:object_r:lib_t file_contexts: invalid context system_u:object_r:shlib_t file_contexts: invalid context system_u:object_r:lib_t file_contexts: invalid context system_u:object_r:man_t file_contexts: invalid context system_u:object_r:usr_t Running dpkg under strace, it's opening and reading file_contexts, seemingly picking a suitable entry, then trying to verify it, which fails: open("/selinux/context", O_RDWR|O_LARGEFILE) = 9 write(9, "system_u:object_r:shlib_t\0", 26) = -1 EINVAL (Invalid argument) close(9) = 0 write(2, "file_contexts: invalid context "..., 58) = 58 open("/usr/lib/perl5/auto/Compress/Zlib/Zlib.so.dpkg-new", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE, 0) = 9 ... and indeed I can't apply that context to the file once installed, the way it appears in file_contexts: jezebel:~# chcon system_u:object_r:shlib_t /usr/lib/perl5/auto/Compress/Zlib/Zlib.so ; echo $? chcon: failed to change context of /usr/lib/perl5/auto/Compress/Zlib/Zlib.so to system_u:object_r:shlib_t: Invalid argument 1 ... but with a sensitivity level, it's fine: jezebel:~# chcon system_u:object_r:shlib_t:s0 /usr/lib/perl5/auto/Compress/Zlib/Zlib.so ; echo $? 0 The same invalid arg error can be obtained by echoing the context with and without the sensitivity level into /selinux/context. The relevant entry from /etc/selinux/refpolicy-targeted/contexts/files/file_contexts reads thusly: /usr/(.*/)?lib/.+\.so -- system_u:object_r:shlib_t As a simpler repro case, simply trying to create a file via install encounters the same issue: % install foo.c /usr/src/t/bar.c file_contexts: invalid context system_u:object_r:src_t % ls -Z /usr/src/t/bar.c -rwxr-xr-x aqua src root:object_r:src_t:s0 /usr/src/t/bar.c % install -Z system_u:object_r:src_t:s0 foo.c /usr/src/t/bar.c % ls -Z /usr/src/t/bar.c -rwxr-xr-x aqua src system_u:object_r:src_t:s0 /usr/src/t/bar.c -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.6 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages selinux-policy-refpolicy-targeted depends on: ii libpam-modules 0.79-3.1 Pluggable Authentication Modules f ii libselinux1 1.30.26-2 SELinux shared libraries ii policycoreutils 1.30.26-3 SELinux core policy utilities ii python 2.3.5-11 An interactive high-level object-o Versions of packages selinux-policy-refpolicy-targeted recommends: ii checkpolicy 1.30.10-2 SELinux policy compiler ii setools 2.4-1 Tresys tools for managing SE Linux -- debconf-show failed
--- End Message ---
--- Begin Message ---Version: 0.0.20060907-3 Hi, While the current refpolicy is not perfect, it at least does not exhibit these problems. manoj -- Three hours a day will produce as much as a man ought to write. Trollope Manoj Srivastava <[EMAIL PROTECTED]> <http://www.golden-gryphon.com/> 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--- End Message ---
