Bug 238642

Summary: Warning messages for /etc/selinux/targeted/contexts/files/file_contexts and vlc
Product: [Fedora] Fedora Reporter: Wojciech Pilorz <wpilorz>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: low Docs Contact:
Priority: medium    
Version: 6CC: moneta.mace, webmaster
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Current Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-22 14:13:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Wojciech Pilorz 2007-05-01 22:54:18 UTC 
Description of problem:
Error messages from yum during update of selinux-policy-targeted to version
selinux-policy-targeted-2.4.6-62.fc6

Version-Release number of selected component (if applicable):
selinux-policy-targeted-2.4.6-62.fc6

How reproducible:
yum shell
update

Steps to Reproduce:
1.
2.
3.
  
Actual results:
Yum displayed the following message
/etc/selinux/targeted/contexts/files/file_contexts: Multiple different
specifications for /usr/lib/vlc/codec/libdmo_plugin.so 
(system_u:object_r:textrel_shlib_t:s0 and system_u:object_r:shlib_t:s0).
/etc/selinux/targeted/contexts/files/file_contexts: Multiple different
specifications for /usr/lib/vlc/codec/librealaudio_plugin.so 
(system_u:object_r:textrel_shlib_t:s0 and system_u:object_r:shlib_t:s0).

Both .so files mentioned are from vlc-0.8.6b-1.lvn6

/var/log/messages show

restorecond: Will not restore a file with more than one hard link
(/etc/resolv.conf) Invalid argument

during yum session, as well as during bootup and shutdown

Expected results:
No messages:

Additional info:
Comment 1 Daniel Walsh 2007-05-03 14:26:37 UTC 
Did you modify the context to be textrel_shlib_t?  The current policy only
requires these to be shlib_t?
Comment 2 Mace Moneta 2007-05-03 15:07:07 UTC 
It looks like the Livna VLC package performs:


$ rpm -q --scripts vlc

postinstall scriptlet (using /bin/sh):
/usr/bin/gtk-update-icon-cache -qf /usr/share/icons/hicolor &>/dev/null || :
/sbin/ldconfig
# Add new labeling rules for libraries requiring text relocation:
/usr/sbin/semanage fcontext -a -t textrel_shlib_t 
/usr/lib/vlc/codec/libdmo_plugin.so
/usr/sbin/semanage fcontext -a -t textrel_shlib_t
/usr/lib/vlc/codec/librealaudio_plugin.so
# Set correct SELinux security contexts:
restorecon /usr/lib/vlc/codec/libdmo_plugin.so
/usr/lib/vlc/codec/librealaudio_plugin.so
postuninstall scriptlet (using /bin/sh):
/usr/bin/gtk-update-icon-cache -qf /usr/share/icons/hicolor &>/dev/null || :
/sbin/ldconfig
Comment 3 Wojciech Pilorz 2007-05-03 15:40:35 UTC 
I have not personally changed anything, just
yum shell update
If I run
cd /etc/selinux/; find * -type f | env LANG=C xargs -r grep vlc
I get
targeted/modules/previous/file_contexts.local:/usr/lib/vlc/codec/libdmo_plugin.so
   system_u:object_r:textrel_shlib_t:s0
targeted/modules/previous/file_contexts.local:/usr/lib/vlc/codec/librealaudio_plugin.so
   system_u:object_r:textrel_shlib_t:s0
Binary file targeted/modules/active/base.linked matches
targeted/modules/active/file_contexts.local:/usr/lib/vlc/codec/libdmo_plugin.so
   system_u:object_r:textrel_shlib_t:s0
targeted/modules/active/file_contexts.local:/usr/lib/vlc/codec/librealaudio_plugin.so
   system_u:object_r:textrel_shlib_t:s0
Binary file targeted/modules/active/base.pp matches
targeted/modules/active/file_contexts.template:/usr/lib/vlc/codec/libdmo_plugin.so
     --      system_u:object_r:shlib_t:s0
targeted/modules/active/file_contexts.template:/usr/lib/vlc/codec/librealaudio_plugin.so
       --system_u:object_r:shlib_t:s0
targeted/modules/active/file_contexts:/usr/lib/vlc/codec/libdmo_plugin.so      
--      system_u:object_r:shlib_t:s0
targeted/modules/active/file_contexts:/usr/lib/vlc/codec/librealaudio_plugin.so
--      system_u:object_r:shlib_t:s0
targeted/contexts/files/file_contexts.local:/usr/lib/vlc/codec/libdmo_plugin.so
   system_u:object_r:textrel_shlib_t:s0
targeted/contexts/files/file_contexts.local:/usr/lib/vlc/codec/librealaudio_plugin.so
   system_u:object_r:textrel_shlib_t:s0
targeted/contexts/files/file_contexts:/usr/lib/vlc/codec/libdmo_plugin.so      
--      system_u:object_r:shlib_t:s0
targeted/contexts/files/file_contexts:/usr/lib/vlc/codec/librealaudio_plugin.so
--      system_u:object_r:shlib_t:s0

Wojtek
Comment 4 Daniel Walsh 2007-05-04 13:03:23 UTC 
I have fixed the default context for these files to be textrel_shlib_t to match
what the distributer wants.  It would have been better if they had contacted me
or fixed their libraries.  But selinux-policy-2.4.6-69 will have the correct
context and should prevent this in the future.
Comment 5 David 2007-05-09 10:03:13 UTC 
dwalsh,

Thanks for the update and fix, but its approaching a week and I have not seen an
updated selinux policy toi kill the bug, any idea's when it will be released?
Comment 6 Daniel Walsh 2007-05-14 18:57:55 UTC 
It will go to test release today.  Sorry I was at the Red Hat Summit all last week.
Comment 7 Wojciech Pilorz 2007-05-17 20:53:11 UTC 
I have installed selinux-policy-targeted-2.4.6-69.fc6 from updates-testing.
Now it is more quiet, when booting the system is says:

/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specification
s for /usr/lib/vlc/codec/libdmo_plugin.so.
/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications
for /usr/lib/vlc/codec/librealaudio_plugin.so.

at least two times.
The plugins mentioned are from vlc-0.8.6b-1.lvn6.i386.
I am wondering if something could be done to quiet the messages?
Comment 8 Daniel Walsh 2007-05-18 12:51:30 UTC 
Yes now you will have to remove the lines added by the vendor to stop the messages

Something like 
semanage fcontext -d /usr/lib/vlc/codec/libdmo_plugin.so
Comment 9 Daniel Walsh 2007-08-22 14:13:11 UTC 
Fixed in current release