Bug 984484

Summary: make setsebool error message saying boolean do not exist more user friendly
Product: Red Hat Enterprise Linux 6 Reporter: Jan Hutař <jhutar>
Component: policycoreutilsAssignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA QA Contact: Michal Trunecka <mtruneck>
Severity: low Docs Contact:
Priority: unspecified    
Version: 6.4CC: dwalsh, ebenes, eparis, mgrepl, mmalik, mtruneck
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: policycoreutils-2.0.83-19.32.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-11-21 11:08:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Patch to make setsebool less verbose on errors. none

Description Jan Hutař 2013-07-15 11:18:01 UTC
Description of problem:
When you attempt to enable some SELinux boolean which do not exist (e.g. you mistype its name), user unfriendly message is generated


Version-Release number of selected component (if applicable):
libselinux-2.0.94-5.3.el6_4.1.x86_64
selinux-policy-3.7.19-195.el6_4.12.noarch


How reproducible:
always


Steps to Reproduce:
1. # setsebool -P spacewalk_nfs_mountpointttt on


Actual results:
libsemanage.dbase_llist_set: record not found in the database (No such file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file or directory).
Could not change boolean spacewalk_nfs_mountpointttt
Could not change policy booleans


Expected results:
Some user friendly error message explaining the problem

Comment 3 Miroslav Grepl 2013-07-15 13:19:25 UTC
Probably should be discussed.

Comment 4 Daniel Walsh 2013-07-15 21:09:41 UTC
I just made a change to Upstream to do the following.

setsebool -P dan 1
Failed to change boolean dan: No such file or directory

setsebool -VP dan 1
libsemanage.dbase_llist_set: record not found in the database (No such file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file or directory).
Failed to change boolean dan: No such file or directory

Comment 5 Eric Paris 2013-07-16 15:27:17 UTC
Looks good to me....

Comment 6 Daniel Walsh 2013-07-16 17:05:25 UTC
Created attachment 774422 [details]
Patch to make setsebool less verbose on errors.

Miroslav if we are doing a policycoreutils update, this is probably worth back porting.

Fix is in RHEL7.

Comment 7 Miroslav Grepl 2013-07-17 09:56:06 UTC
Yes, there will be an update.

Comment 8 RHEL Program Management 2013-07-17 10:11:08 UTC
This request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux release.  Product
Management has requested further review of this request by
Red Hat Engineering, for potential inclusion in a Red Hat
Enterprise Linux release for currently deployed products.
This request is not yet committed for inclusion in a release.

Comment 10 Michal Trunecka 2013-07-22 17:19:10 UTC
The new -V option should be in man page as well.

Comment 11 Daniel Walsh 2013-07-22 19:25:31 UTC
We have the -V in man page in RHEL7

Comment 12 Miroslav Grepl 2013-07-26 10:15:46 UTC
I apologize, I did not update the man page to reflect this change.

Comment 13 Miroslav Grepl 2013-08-08 14:47:26 UTC
Fixed in policycoreutils-2.0.83-19.32.el6

Comment 15 errata-xmlrpc 2013-11-21 11:08:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1608.html