Bug 919611

Summary: [abrt] policycoreutils-devel-2.1.13-55.fc18: __init__.py:954:<module>:AttributeError: 'module' object has no attribute 'PASSWD__CRONTAB'
Product: [Fedora] Fedora Reporter: M J <login>
Component: policycoreutilsAssignee: Daniel Walsh <dwalsh>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: abrt_hash:666607b27bd1ca57f8a48323c1be987eabfa55af
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: SWiG wrapper references undefined attribute. audit2allow imports wrapper. Consequence: Exception on missing attribute when running audit2allow. Fix: Comment out the SWIG wrapper line. Result: audit2allow works
 Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-08 23:17:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: core_backtrace
none
File: dso_list
none
File: environ none

Description M J 2013-03-08 22:04:02 UTC 
Description of problem:
This bug occurred while using audit2allow on the grep'd audit.log file for a permission denial of read access to /dev/sr0 (the cdrom) by a Xen HVM guest.

1. Start an HVM guest that requires an install cd (here Windows 8) on Fedora 18 under Xen / virt-manager.
2. Selinux will deny the given permission.
3. Use: 
> grep removable_device_t /var/log/audit.log | head -1 | audit2allow -R

...and you get the stack trace:

Traceback (most recent call last):
  File "/bin/audit2allow", line 23, in <module>
    import sepolgen.audit as audit
  File "/usr/lib64/python2.7/site-packages/sepolgen/audit.py", line 20, in <module>
    import refpolicy
  File "/usr/lib64/python2.7/site-packages/sepolgen/refpolicy.py", line 22, in <module>
    import selinux
  File "/usr/lib64/python2.7/site-packages/selinux/__init__.py", line 954, in <module>
    PASSWD__CRONTAB = _selinux.PASSWD__CRONTAB
AttributeError: 'module' object has no attribute 'PASSWD__CRONTAB'


Version-Release number of selected component:
policycoreutils-devel-2.1.13-55.fc18

Additional info:
cmdline:        /usr/bin/python -Es /bin/audit2allow -R
executable:     /bin/audit2allow
kernel:         3.8.1-201.fc18.x86_64
uid:            0
Comment 1 M J 2013-03-08 22:04:05 UTC 
Created attachment 707228 [details]
File: backtrace
Comment 2 M J 2013-03-08 22:04:06 UTC 
Created attachment 707229 [details]
File: core_backtrace
Comment 3 M J 2013-03-08 22:04:08 UTC 
Created attachment 707230 [details]
File: dso_list
Comment 4 M J 2013-03-08 22:04:10 UTC 
Created attachment 707231 [details]
File: environ
Comment 5 M J 2013-03-08 23:12:38 UTC 
A temporary fix: there is a bug in the selinux python wrapper at:
/usr/lib64/python2.7/site-packages/selinux/__init__.py:954

PASSWD_CRONTAB = selinux.PASSWD_CRONTAB

This file is generated by SWiG and it seems the underlying field does not exist. Comment out this line and audit2allow will work properly:

# PASSWD_CRONTAB = selinux.PASSWD_CRONTAB
Comment 6 Daniel Walsh 2013-03-11 15:04:07 UTC 
So this was never a bug?

PASSWD_CRONTAB = _selinux.PASSWD_CRONTAB

Is what I see?