Bug 1584335
| Summary: | rpm has an inconsistent mode for /etc/selinux/targeted/active/policy.linked | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Andrew Schorr <ajschorr> |
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
| Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.6 | CC: | ajschorr, kwalker, lvrabec, mmalik, plautrba, riehecky, ssekidde, vmojzis |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-08-06 12:52:25 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1653106 | ||
|
Description
Andrew Schorr
2018-05-30 17:37:44 UTC
Thank you for reporting the issue. Could you please list versions of the following packages please? libsepol libselinux libsemanage policycoreutils It seems that your system contains outdated version of libsemanage, which generates policy.linked with different file mode. Could you please verify that updating libsemanage and selinux-policy-targeted to the latest versions (possibly followed by policy rebuild "# semodule -B") fixes the issue? If it does, we need to update selinux-policy-targeted rpm to require corresponding version of libsemanage. sh-4.2# rpm --verify -q selinux-policy-targeted .M....... g /etc/selinux/targeted/active/policy.linked sh-4.2# rpm -q libsepol libselinux libsemanage policycoreutils selinux-policy-targeted libsepol-2.5-8.1.el7.x86_64 libselinux-2.5-12.el7.x86_64 libsemanage-2.5-11.el7.x86_64 policycoreutils-2.5-22.el7.x86_64 selinux-policy-targeted-3.13.1-192.el7_5.3.noarch As far as I can tell, those are all current versions. Are there newer ones? sh-4.2# semodule -B sh-4.2# rpm --verify -q selinux-policy-targeted .M....... g /etc/selinux/targeted/active/policy.linked FYI, this is still broken in 7.6 in selinux-policy-targeted-3.13.1-229.el7_6.6.noarch sh-4.2# rpm --verify -q selinux-policy-targeted .M....... g /etc/selinux/targeted/active/policy.linked sh-4.2# rpm -q selinux-policy-targeted selinux-policy-targeted-3.13.1-229.el7_6.6.noarch sh-4.2# rpm -qlv selinux-policy-targeted | grep policy.linked -rw------- 1 root root 3881011 Nov 28 16:20 /etc/selinux/targeted/active/policy.linked sh-4.2# ls -ld /etc/selinux/targeted/active/policy.linked -rw-r--r-- 1 root root 3857048 Dec 5 19:39 /etc/selinux/targeted/active/policy.linked Regards, Andy Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2127 |