Your message dated Tue, 26 Apr 2016 13:06:35 +0000
with message-id <[email protected]>
and subject line Bug#813604: fixed in policycoreutils 2.5-1
has caused the Debian Bug report #813604,
regarding newrole: pamd error
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
813604: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813604
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: newrole
Version: 2.4-4
When i try to use newrole on debian testing with upstream refpolicy
(https://github.com/TresysTechnology/refpolicy) installed, i got the
following error:
root@debianSe:~# newrole -r sysadm_r -t sysadm_t
Password:
newrole: incorrect password for root
Error sending audit message.
The is an error message in /var/log/auth.log:
Feb 3 16:58:53 debianSe newrole: PAM audit_log_acct_message() failed:
Operation not permitted
The transition should be allowed by selinux:
root@debianSe:~# semanage user -l
SELinux User SELinux Roles
root staff_r sysadm_r
staff_u staff_r sysadm_r
sysadm_u sysadm_r
system_u system_r
unconfined_u unconfined_r
user_u user_r
root@debianSe:~# id -Z
root:staff_r:staff_t
When i configure the seuser like 'semange -m -R sysadm_r root', i can
login with a sysadm_r role.
root@debianSe:~# cat /etc/pam.d/newrole
#%PAM-1.0
@include common-auth
@include common-account
@include common-session
session required pam_namespace.so unmnt_remnt no_unmount_on_close
--- End Message ---
--- Begin Message ---
Source: policycoreutils
Source-Version: 2.5-1
We believe that the bug you reported is fixed in the latest version of
policycoreutils, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laurent Bigonville <[email protected]> (supplier of updated policycoreutils
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 26 Apr 2016 14:54:13 +0200
Source: policycoreutils
Binary: policycoreutils policycoreutils-python-utils python-sepolicy
policycoreutils-gui policycoreutils-dev policycoreutils-sandbox restorecond
mcstrans newrole
Architecture: source amd64 all
Version: 2.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers <[email protected]>
Changed-By: Laurent Bigonville <[email protected]>
Description:
mcstrans - SELinux core policy utilities (mcstrans utilities)
newrole - SELinux core policy utilities (newrole application for RBAC/MLS)
policycoreutils - SELinux core policy utilities
policycoreutils-dev - SELinux core policy utilities (development utilities)
policycoreutils-gui - SELinux core policy utilities (graphical utilities)
policycoreutils-python-utils - SELinux core policy utilities (Python utilities)
policycoreutils-sandbox - SELinux core policy utilities (graphical sandboxes)
python-sepolicy - Python binding for SELinux Policy Analyses
restorecond - SELinux core policy utilities (restorecond utilities)
Closes: 734806 813604
Changes:
policycoreutils (2.5-1) unstable; urgency=medium
.
* Team upload.
* New upstream release
- Drop d/p/0001-legacy.patch, d/p/0016-open-init-pty: new open_init_pty
has been merged upstream
- debian/patches/0023-sepolicy-help-path.patch: Refreshed
- debian/control: Bump {build-}dependencies to match the new release
- Fix newrole to not drop capabilities from the bounding set. (Closes:
#813604)
- Fix crash when python-audit is not installed (Closes: #734806)
* debian/control: Bump Standards-Version to 3.9.8 (no further changes)
* debian/control: Update the Vcs-* URL's to please lintian (again)
* debian/NEWS: Remove duplicate word, thanks to lintian
Checksums-Sha1:
0604fcc704447b260b1d8924a4cc3190ce4a01ff 2633 policycoreutils_2.5-1.dsc
425ab5ad02cf2195d63fad5578b23a615eb95c21 4986066
policycoreutils_2.5.orig.tar.gz
7fa8d8d2372756672bec5d0667ead9147dfbd98c 28312
policycoreutils_2.5-1.debian.tar.xz
32b3c4cba9d131c12ab6295c10a8baac7d55a86b 52420 mcstrans-dbgsym_2.5-1_amd64.deb
97131c1eecff6ae7a95180e0d1cf02a11cfd8c01 137384 mcstrans_2.5-1_amd64.deb
5e3d62982dc2394c023ac40c56ebb1bae9d441bc 34506 newrole-dbgsym_2.5-1_amd64.deb
2ec3fe534b0db2eb55043508b662eb64193dd4ec 56016 newrole_2.5-1_amd64.deb
caed2f9d1a91b768563bb1faf0bcc71cea633c4c 67828
policycoreutils-dbgsym_2.5-1_amd64.deb
bdae18d5ce037f9fa74c8929039d67d3865cadbc 44348
policycoreutils-dev-dbgsym_2.5-1_amd64.deb
8117989752c4ae26bca69c91a96a3c6fd001f435 172360
policycoreutils-dev_2.5-1_amd64.deb
f4442874c20aa09ef38ee13720e0cc54b8a2ffc2 1581174
policycoreutils-gui_2.5-1_all.deb
9655ef0e93e55e25774434372d1a21c58178bea4 8072
policycoreutils-python-utils-dbgsym_2.5-1_amd64.deb
2d2644ee333dbe1d4609234a6b72a5e823c4cb99 86024
policycoreutils-python-utils_2.5-1_amd64.deb
3a32ecc590e2257492bac3c76748527d9a493624 17672
policycoreutils-sandbox-dbgsym_2.5-1_amd64.deb
a72d3e5a6da5cc03e7759c92840ffe3b19ea9186 47580
policycoreutils-sandbox_2.5-1_amd64.deb
cc3a4ea6132ac5eb36a99807e2e2d0ef27177b15 480510 policycoreutils_2.5-1_amd64.deb
799187af1bd20e10fcdc7366fc92cb1e1af966d8 43826
python-sepolicy-dbgsym_2.5-1_amd64.deb
8b83d9265ab06e9f7f214b907d9f4fe8f28f9ea0 76780 python-sepolicy_2.5-1_amd64.deb
24624c8a6640eaf78ea4812614ec3207853017d9 33372
restorecond-dbgsym_2.5-1_amd64.deb
2c4714ab95429bea1b07121bd813a95663f3593b 53022 restorecond_2.5-1_amd64.deb
Checksums-Sha256:
ea8a5813769eb7c293a0c0ef704c57854bd144193896c01f7d85ff163361d0c7 2633
policycoreutils_2.5-1.dsc
329382cfe9fa977678abf541dcd8fe3847cf0c83b24654c8f7322343907078a1 4986066
policycoreutils_2.5.orig.tar.gz
24738177c19619e161ed8a0a27208337d6ebcf8b92db3519d6e6eb9b51f43621 28312
policycoreutils_2.5-1.debian.tar.xz
e3635db9b205feff15451911798dcf59ebf5d6d07c2f39c600f3a09a0629d39e 52420
mcstrans-dbgsym_2.5-1_amd64.deb
d8c02d4280375d483e8e476f5e546d5361eba3495ebc25528b8927beb7f70328 137384
mcstrans_2.5-1_amd64.deb
baa2d07c2a6e5e460f12c4530770ba2750f6a49c634398dc2447570d6970f66f 34506
newrole-dbgsym_2.5-1_amd64.deb
30807ec2086bfc6be007b63a7fafb672005482eeef60fef58bb0a3f8a0af70f1 56016
newrole_2.5-1_amd64.deb
65dd1524f454dbfef19cba9794bf63dc39022fcbb68889d73555a4e153f580b8 67828
policycoreutils-dbgsym_2.5-1_amd64.deb
b275592590946d09ec9a2010484701e977cd1423f9bd180d2e3a2c11a97f57b8 44348
policycoreutils-dev-dbgsym_2.5-1_amd64.deb
8eb50962360ac383eb0ac3ee94193cee585772c01bf692cb7bf373c1c418f907 172360
policycoreutils-dev_2.5-1_amd64.deb
6cac94132317726d11ab212484f34b50743cf14ecbe3ea1712707096afd1053f 1581174
policycoreutils-gui_2.5-1_all.deb
71dced618ec4c0fc79fb3b2dd0e293b79fa05ae6298ce4c9ee73068e530627bc 8072
policycoreutils-python-utils-dbgsym_2.5-1_amd64.deb
f6eb86787f99f07d0fef8c96ddc03852dfafea3a34d06c4dc5167d3044781228 86024
policycoreutils-python-utils_2.5-1_amd64.deb
1d3dd7b23ec8ea3b561aca0396fbef8512f5a58db6d9400328e39e6f531b104d 17672
policycoreutils-sandbox-dbgsym_2.5-1_amd64.deb
c95a80a7b4a200118b89650bf79130247a4e491a5dc409c9bd4024141e623525 47580
policycoreutils-sandbox_2.5-1_amd64.deb
328a79a6d200856c1d1910bbc2706a48df41da6e7a69f5bb912880ead2aab68b 480510
policycoreutils_2.5-1_amd64.deb
da9a73e6427eb549b51e1d41ce9e09d6307c4422651f4b05a356bb644e2d5722 43826
python-sepolicy-dbgsym_2.5-1_amd64.deb
3ab5abaabe1d5e92963c82b75cdce01390a7ac911d13ae073bd29a862a18afea 76780
python-sepolicy_2.5-1_amd64.deb
38bc9de52509269594359741e20afdc8d9073d3e8b6537610e1cea74dac51ea3 33372
restorecond-dbgsym_2.5-1_amd64.deb
eaee8a5061c12e5b1ad2216ad0eff85a9b57266f1ffbb05c0133d62887c6f660 53022
restorecond_2.5-1_amd64.deb
Files:
d14991ffc6f0741aa8e9bbe926aec3ca 2633 utils optional policycoreutils_2.5-1.dsc
9ad9331b2133262fb3f774359a7f4761 4986066 utils optional
policycoreutils_2.5.orig.tar.gz
12140628a1a1532f88a9d8786ed6d8df 28312 utils optional
policycoreutils_2.5-1.debian.tar.xz
2302fc9beb6a4edc775b26f555e9c58b 52420 debug extra
mcstrans-dbgsym_2.5-1_amd64.deb
de9e27eded5b7d018183b8bbc2ec47ec 137384 utils extra mcstrans_2.5-1_amd64.deb
b9c9403b32ee0e034cf40cab66e0d996 34506 debug extra
newrole-dbgsym_2.5-1_amd64.deb
36dfc7ead58ab8dedb224800e9606a98 56016 utils extra newrole_2.5-1_amd64.deb
503d9a74305293d018cb559fb92fbd0b 67828 debug extra
policycoreutils-dbgsym_2.5-1_amd64.deb
1a18fa21de5e1d34ea37b7ca32712bf7 44348 debug extra
policycoreutils-dev-dbgsym_2.5-1_amd64.deb
c690d0ad51b2d4060a839836b43bfce9 172360 devel optional
policycoreutils-dev_2.5-1_amd64.deb
01ff2db4b55b18d22ca5b59bce121ee5 1581174 utils extra
policycoreutils-gui_2.5-1_all.deb
d34a556cb745894d7c7a516824dd1da5 8072 debug extra
policycoreutils-python-utils-dbgsym_2.5-1_amd64.deb
f80e3a3ae2d74338f3a37ce163e7d0dc 86024 utils optional
policycoreutils-python-utils_2.5-1_amd64.deb
ecf4ae5ec65f9c4821d07fa1e40c80fe 17672 debug extra
policycoreutils-sandbox-dbgsym_2.5-1_amd64.deb
f9869da5d3650c5898f5d4be66a7b8e4 47580 utils extra
policycoreutils-sandbox_2.5-1_amd64.deb
ba6c9a1a520634cbb2e17b87721bf7ab 480510 utils optional
policycoreutils_2.5-1_amd64.deb
5bfe22f54df0d3cf53ec91b55b72c345 43826 debug extra
python-sepolicy-dbgsym_2.5-1_amd64.deb
7b19c23da6badc1a49cf6f49ef645023 76780 python optional
python-sepolicy_2.5-1_amd64.deb
4ed92f46626f15a5049a276edd0d8a98 33372 debug extra
restorecond-dbgsym_2.5-1_amd64.deb
f1228308c67b0967738331350d6c54f3 53022 utils optional
restorecond_2.5-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJXH2avAAoJEB/FiR66sEPVD8gH/A1QY0MWnu64N1371NW/rD1z
JfcDhUMQVdHou7BncfUqnAC0/BtgSxt1YVA7P2QCDtd7OPvuKuUGnH8abw7xhDrq
5qdK1k0NhSFRLDfFoY41Lmzu3SzqEX/j8D6rIi+DfERrlmAH106xMyLkuSYsRwou
Gq4Mr4CuXW4BUS0Z3GgIRc7wrxi0s7qx28F6nM8LsWJidybwsuS0PEyY/vRNT0b4
e6zzcxscqJWrKNbqIia2uvxN14k/465lPo9dP/TQlZePLw38j0KXMQqX8om+BF0Y
diiMjqWlyBp73QX7taPVClncHmBJe0i8EQn9GwZQUrWD43tPmhqQqmI4L++Tnm8=
=WePb
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
SELinux-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
