Your message dated Thu, 06 Feb 2014 21:24:01 +0000 with message-id <[email protected]> and subject line Bug#732857: fixed in refpolicy 2:2.20140206-1 has caused the Debian Bug report #732857, regarding selinux-policy-default: SELINUX_ERR invalid context, since update to 2:2.20131214-1 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 732857: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732857 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: selinux-policy-default Version: 2:2.20131214-1 Severity: normal Bonjour, Since I upgraded to 2:2.20131214-1, I have lots of logs in audit.log and syslog. They are about sshd and hddtemp. type=SELINUX_ERR msg=audit(1387729606.524:178): security_compute_sid: invalid context unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 for scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=unix_stream_socket type=SELINUX_ERR msg=audit(1387729606.556:181): security_compute_sid: invalid context unconfined_u:system_r:unconfined_t:s0-s0:c0.c1023 for scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=process type=SELINUX_ERR msg=audit(1387729595.732:156): security_compute_sid: invalid context unconfined_u:system_r:hddtemp_t:s0-s0:c0.c1023 for scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:hddtemp_exec_t:s0 tclass=process audit2log suggests adding: role system_r types unconfined_t; role system_r types sshd_t; role system_r types hddtemp_t; "seinfo -rsystem_r -x" shows system_r does have those types. I don't understand where it goes wrong. I'm a beginner with selinux. Merci, Benoit -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.12-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages selinux-policy-default depends on: ii libpam-modules 1.1.3-9 ii libselinux1 2.2.1-1 ii libsepol1 2.2-1 ii policycoreutils 2.2.4-1 ii python 2.7.5-5 ii selinux-utils 2.2.1-1 Versions of packages selinux-policy-default recommends: ii checkpolicy 2.2-1 ii setools 3.3.8-1+b1 Versions of packages selinux-policy-default suggests: ii logcheck 1.3.15 pn syslog-summary <none> -- Configuration Files: /etc/selinux/default/modules/active/file_contexts.local [Errno 13] Permission non accordée: u'/etc/selinux/default/modules/active/file_contexts.local' -- no debconf information
--- End Message ---
--- Begin Message ---Source: refpolicy Source-Version: 2:2.20140206-1 We believe that the bug you reported is fixed in the latest version of refpolicy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laurent Bigonville <[email protected]> (supplier of updated refpolicy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 06 Feb 2014 21:56:55 +0100 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20140206-1 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <[email protected]> Changed-By: Laurent Bigonville <[email protected]> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 707214 732857 Changes: refpolicy (2:2.20140206-1) unstable; urgency=medium . * Team upload. * New GIT snapshot of the policy - Allow unconfined_u user to enter system_r role again (Closes: #732857) - Allow unconfined user to transition to dpkg_t and transitively to dpkg_script_t (Closes: #707214) - Refresh 0004-init-startpar-initrc_t-gets-attributes-of-dev-dm-0-d.patch - Drop d/p/0005-add-missing-newline.patch, d/p/0006-allow-udev-write-rulesd.patch: Applied upstream * debian/selinux-policy-dev.post{inst,rm}: Call sepolgen-ifgen after selinux-policy-dev installation if SELinux is enabled * debian/selinux-policy-dev.install, debian/rules: Install headers in /usr/share/selinux/devel, there is no differences between default and mls headers, so it's not necessary to install both. * debian/rules, debian/example/Makefile, debian/Makefile.devel: Fix development Makefile to work with new headers location * debian/control: Bump Standards-Version to 3.9.5 (no further changes) Checksums-Sha1: 44c4729d5c38c1bffad5847c01b92c5b0e42c313 2011 refpolicy_2.20140206-1.dsc 99b93e86c843294929e850c6f22f06a9a4e2d34b 486057 refpolicy_2.20140206.orig.tar.bz2 10ff5dc56444c87c93261547fbae13e2f0b2a14f 42792 refpolicy_2.20140206-1.debian.tar.xz 06b856bc9051417a68789eb9efce36c0315b6e3d 2864096 selinux-policy-default_2.20140206-1_all.deb ef1f7e3e103dc19fb4968eaf8f99ddd969e528a2 2901920 selinux-policy-mls_2.20140206-1_all.deb c6fe3de40f236c56e02b66fb83519b9b2589e4b4 1167884 selinux-policy-src_2.20140206-1_all.deb 66177efa8034565eb0ab9753a302ed611b8a7be6 424672 selinux-policy-dev_2.20140206-1_all.deb 22aae6d622d8223504b5c9c3005117145592f543 401170 selinux-policy-doc_2.20140206-1_all.deb Checksums-Sha256: daf7f9362958ec60a52b191e480817f21298b351c29e1ae4d46e49260675af23 2011 refpolicy_2.20140206-1.dsc 209db243270e37abd5ca819ef3758ff5518c206e362f15ceb8b79f6a30ff209a 486057 refpolicy_2.20140206.orig.tar.bz2 5ff317853f183992b868ed380ed9933f837a4d987efcf0b9f600f29ae2ffd0de 42792 refpolicy_2.20140206-1.debian.tar.xz 80b65eff239ca74977b28d31352083bf0d9be7bdad60c57054f786aa67e50b88 2864096 selinux-policy-default_2.20140206-1_all.deb 561683008ddff41bb8b79308be15af466e11068736c9efa37e44211162cc9934 2901920 selinux-policy-mls_2.20140206-1_all.deb 70de651599f829d83c880680f033f97331174e22f46160874dc42aa77b32f318 1167884 selinux-policy-src_2.20140206-1_all.deb de37a010f5201776e19e6fe2db0ffc8f7e792b1df02ecb236fd39b2bf21cd3dd 424672 selinux-policy-dev_2.20140206-1_all.deb 58ba7bd3c06eda3510a9512086eff17f04c27eade643f7d8c3fda7072d07b6bd 401170 selinux-policy-doc_2.20140206-1_all.deb Files: dfe158c72ca359ee54189abe3bc36f4f 2011 admin optional refpolicy_2.20140206-1.dsc 8bd5c5777cd6ec72bd077881fea51763 486057 admin optional refpolicy_2.20140206.orig.tar.bz2 9918d7b681afcedfc047a16af962a3f5 42792 admin optional refpolicy_2.20140206-1.debian.tar.xz 4374adc9cd8c59a79e8716079de9c551 2864096 admin optional selinux-policy-default_2.20140206-1_all.deb 75b27e2bbb47e8c230954d6a95d743ca 2901920 admin extra selinux-policy-mls_2.20140206-1_all.deb 7efaee0369010bd9fb41729beef18762 1167884 admin optional selinux-policy-src_2.20140206-1_all.deb e8ae5b540ed28ea2f6a044601197f6fe 424672 admin optional selinux-policy-dev_2.20140206-1_all.deb 6c1d0e0acd15af7a96cc56bb448b18ef 401170 doc optional selinux-policy-doc_2.20140206-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJS8/jWAAoJEB/FiR66sEPVHLgH/38QANmPRMRAK4HdQfJr2dXV 8dDh2vc64KESzywCFN07a3vy38Lm6JmgFuRnRLvtj8GCHlNX/1yMdSJ8qQjNT7SO /vtfEPJ/44qK8kvs35O+POlAjXlfV3b9iW/x4LoignyWPGrEfB7dVnNGNV+846cw FGvV/Ewa3ByA63YFE/AdQdVnRBPGglImKLrY2gqzBgGs78hZ3awWxjl3Pb3tyodv uuaFNdjaW/y2qE3Rz9jKAm78Ho7HDkCGytgjvwE5KlpHp0S7LMCEifAWHMA3rE3X ROC8YKjz8KWAvu1V5ld8qsI+8yU1JNnOzmtD49N0FhIyL800tRdgf4Tj9qeguGI= =2q0x -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ SELinux-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
