Bug 163481

Summary: Error while setting booleans: Invalid argument
Product: [Fedora] Fedora Reporter: Ralf Corsepius <rc040203>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4CC: chris.ricker, mattdm
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-07-18 14:18:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ralf Corsepius 2005-07-18 07:31:17 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.7.8-2

Description of problem:
Something goes wrong with todays version of the daily selinux-targeted update:

# yum update
....
  Updating  : selinux-policy-targeted      ######################### [1/4]
sepol_genbools_array:  unknown boolean user_ping
/usr/sbin/load_policy:  Warning!  Error while setting booleans:  Invalid argument
/sbin/restorecon reset /usr/sbin/apachectl context system_u:object_r:sbin_t->system_u:object_r:initrc_exec_t
...


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.25.2-4

How reproducible:
Always

Steps to Reproduce:

  

Expected Results:  Function

Additional info:
Comment 1 Daniel Walsh 2005-07-18 14:18:38 UTC 
This is not a problem.  user_ping boolean has been removed.  It makes no sense
in targeted policy.
Comment 2 Ralf Corsepius 2005-07-18 15:39:00 UTC 
(In reply to comment #1)
> This is not a problem.  user_ping boolean has been removed.  It makes no sense
> in targeted policy.

Well, then this bug probably is a cosmetic bug.

Nevertheless it is a bug, which you are supposed to fix.
Comment 3 Matthew Miller 2005-07-19 12:14:18 UTC 
I presume that the fix is that you won't see this message ever again because
it's gone in future updates.
Comment 4 Daniel Walsh 2005-07-19 15:17:07 UTC 
No the wording on the bug is fixed, to say

Warning:  Boolean has been removed.

(Or something like that.)

When you load policy,  the current boolean settings are taken from the kernel
and applied to the newly loaded policy, if a previous boolean setting is not
available in the new policy, then this is reported.  The goal is that booleans
should not disappear, but we are human... We are trying to juggle multiple
policies from a single source.  This was a case of a policy file being added
with a section that only made sense in strict policy, so it was ifdef'd out for 
targeted policy.