Bug 1657196

Summary: "semanage export" does not export infiniband end ports and pkeys
Product: Red Hat Enterprise Linux 7 Reporter: Milos Malik <mmalik>
Component: policycoreutilsAssignee: Vit Mojzis <vmojzis>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.6CC: dwalsh, lvrabec, mmalik, plautrba, ssekidde, vmojzis
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: policycoreutils-2.5-31.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1656085 Environment:
Last Closed: 2019-08-06 13:00:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milos Malik 2018-12-07 12:23:55 UTC 
+++ This bug was initially created as a clone of Bug #1656085 +++

Description of problem:
"semanage export" does not export infiniband end ports and pkeys

Steps to Reproduce:
1. Install policy from policycoreutils/Regression/infiniband-support-in-semanage
2. #semanage ibendport -a -t test_ibendport_t -z mlx4_0 2

3. #semanage export

Actual results:
boolean -D
login -D
interface -D
user -D
port -D
node -D
fcontext -D
module -D

Expected results:
boolean -D
login -D
interface -D
user -D
port -D
node -D
fcontext -D
module -D
ibendport -a -t test_ibendport_t -z mlx4_0 2

Additional information:
Should be a one-line fix:

selinux/python/semanage/semanage : handleExport
- manageditems = ["boolean", "login", "interface", "user", "port", "node", "fcontext", "module"]
+ manageditems = ["boolean", "login", "interface", "user", "port", "node", "fcontext", "module", "ibendport", "ibpkey"]

--- Additional comment from Petr Lautrbach on 2018-12-05 03:44:55 EST ---

https://lore.kernel.org/selinux/20181204164455.13353-1-vmojzis@redhat.com/T/#u
Comment 1 Milos Malik 2018-12-07 12:25:10 UTC 
Tested with:

# rpm -qa policycoreutils\*
policycoreutils-python-2.5-29.el7.x86_64
policycoreutils-2.5-29.el7.x86_64
policycoreutils-newrole-2.5-29.el7.x86_64
#
Comment 2 Vit Mojzis 2018-12-10 09:53:13 UTC 
Fix accepted by upstream:
https://github.com/SELinuxProject/selinux/commit/9cb9b18b1715426d06ba9fc9ed7678ee2d5cb40a
Comment 7 errata-xmlrpc 2019-08-06 13:00:15 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2160