Bug 730073
Summary: | invalid SELinux context | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | ultima.ratio.regum69 | ||||
Component: | RA | Assignee: | Ade Lee <alee> | ||||
Status: | CLOSED NOTABUG | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 9.0 | CC: | benl, cfu | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2011-08-11 20:37:44 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
What is the output of rpm -qa |grep pki ? In particular, I'm looking for the versions of pki-common, pki-setup and pki-selinux. It really looks like pki-selinux is not correctly installed. You might want to re-install it and see if it makes a difference. rpm -qa |grep pki dogtag-pki-ca-theme-9.0.6-1.fc15.noarch dogtag-pki-console-theme-9.0.6-1.fc15.noarch pki-ocsp-9.0.3-1.fc15.noarch dogtag-pki-9.0.0-5.fc15.noarch dogtag-pki-common-theme-9.0.6-1.fc15.noarch pki-setup-9.0.10-1.fc15.noarch pki-kra-9.0.4-1.fc15.noarch pki-util-9.0.10-1.fc15.noarch dogtag-pki-tks-theme-9.0.6-1.fc15.noarch dogtag-pki-tps-theme-9.0.6-1.fc15.noarch dogtag-pki-ocsp-theme-9.0.6-1.fc15.noarch pki-selinux-9.0.10-1.fc15.noarch pki-common-9.0.10-1.fc15.noarch pki-java-tools-9.0.10-1.fc15.noarch dogtag-pki-ra-theme-9.0.6-1.fc15.noarch pki-tks-9.0.3-1.fc15.noarch pki-silent-9.0.10-1.fc15.noarch pki-java-tools-javadoc-9.0.10-1.fc15.noarch pki-native-tools-9.0.10-1.fc15.x86_64 pki-common-javadoc-9.0.10-1.fc15.noarch pki-ca-9.0.10-1.fc15.noarch pki-ra-9.0.3-1.fc15.noarch pki-symkey-9.0.10-1.fc15.x86_64 dogtag-pki-kra-theme-9.0.6-1.fc15.noarch pki-util-javadoc-9.0.10-1.fc15.noarch pki-tps-9.0.5-1.fc15.x86_64 pki-console-9.0.3-1.fc15.noarch i've reinstalled pki-common, pki-setup and pki-selinux, as you said, and now everything seems correct. strange error, i wonder where it could come from. anyway, problem solved. thanks. |
Created attachment 517849 [details] install log file On a clean F15 x86_64 install dogtag-pki 9.0.0.5 dogtag-pki-ra-theme 9.0.6.1 selinux-policy 3.9.16-38 Runing : pkicreate -pki_instance_root=/var/lib \ -pki_instance_name=pki-ra \ -subsystem_type=ra \ -secure_port=12889 \ -non_clientauth_secure_port=12890 \ -unsecure_port=12888 \ -user=pkiuser \ -group=pkiuser \ -redirect conf=/etc/pki-ra \ -redirect logs=/var/log/pki-ra \ -verbose give me this : libsepol.context_from_record: type pki_ra_etc_rw_t is not defined (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsemanage.validate_handler: invalid context system_u:object_r:pki_ra_etc_rw_t:s0 specified for /etc/pki-ra(/.*)? [all files] (Invalid argument). libsemanage.dbase_llist_iterate: could not iterate over records (Invalid argument). /usr/sbin/semanage: Could not commit semanage transaction and this : Starting pki-ra: runcon: invalid context: unconfined_u:system_r:pki_ra_t:s0: Invalid argument same trouble with tps, but not with others subsystems (ca, tks, ocsp are fine). same trouble in permissive mode.