Bug 1122850
Summary: | semanage -o doesn't work in combination with -S mls | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Michal Trunecka <mtruneck> | |
Component: | policycoreutils | Assignee: | Petr Lautrbach <plautrba> | |
Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 6.6 | CC: | dwalsh, mgrepl, mmalik | |
Target Milestone: | rc | |||
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | policycoreutils-2.0.83-21.el6 | Doc Type: | Bug Fix | |
Doc Text: |
The semanage utility previously listed only changes made to the currently used SELinux policy. For example, when the targeted policy was loaded and changes were made to the Multi-Level Security (MLS) policy, the "semanage -S mls -o" command did not list all the changes, even when the changes were applied correctly. This bug has been fixed, and semanage now lists all changes as expected.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1208797 (view as bug list) | Environment: | ||
Last Closed: | 2015-07-22 07:03:55 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
Michal Trunecka
2014-07-24 08:30:29 UTC
Are you getting AVCs? Does it work in permissive mode? I has not been fixed yet. Should work with --- /usr/sbin/semanage.old 2015-03-09 14:53:54.707000662 +0100 +++ /usr/sbin/semanage 2015-03-09 16:12:56.290999834 +0100 @@ -560,7 +560,7 @@ sys.stdout = open(output, 'w') for i in manageditems: print "%s -D" % i - process_args([i, "-E"]) + process_args([i, "-E",("-S%s") % store ]) sys.exit(0) if input != None: The proposed patch wouldn't work when semanage is called without -S. This one should fix it: --- /usr/sbin/semanage.orig 2015-03-10 14:24:54.577229283 +0100 +++ /usr/sbin/semanage 2015-03-10 16:14:20.247141124 +0100 @@ -560,7 +560,10 @@ Object-specific Options (see above): sys.stdout = open(output, 'w') for i in manageditems: print "%s -D" % i - process_args([i, "-E"]) + if store == "": + process_args([i, "-E"]) + else: + process_args([i, "-E", "-S", store]) sys.exit(0) if input != None: Yeap, thanks. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1360.html |