Bug 987369
| Summary: | semanage fcontext: value error | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | michal novacek <mnovacek> | ||||||
| Component: | policycoreutils | Assignee: | Daniel Walsh <dwalsh> | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Michal Trunecka <mtruneck> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 7.0 | CC: | ebenes, mmalik, mtruneck | ||||||
| Target Milestone: | rc | Keywords: | Regression, TestBlocker | ||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2014-06-13 12:28:38 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 883874, 1080147 | ||||||||
| Attachments: |
|
||||||||
|
Description
michal novacek
2013-07-23 10:19:45 UTC
Could you please install the latest version of policycoreutils packages ( https://brewweb.devel.redhat.com/buildinfo?buildID=282785 ) and re-run your scenario? Error still stands but is slightly different: # rpm -q policycoreutils policycoreutils-2.1.14-67.el7.x86_64 # semanage fcontext -a -t httpd_sys_content_t "/ha-web(/.*)?" libsepol.mls_from_string: invalid MLS context None (No such file or directory). libsepol.mls_from_string: could not construct mls context structure (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsemanage.validate_handler: invalid context system_u:object_r:httpd_sys_content_t:None specified for /ha-web(/.*)? [all files] (Invalid argument). libsemanage.dbase_llist_iterate: could not iterate over records (Invalid argument). ValueError: Could not commit semanage transaction I can confirm the bug is still present in current version: policycoreutils-2.1.14-68.el7.x86_64 Miroslav we need the unit test suite for semanage... Fixed in policycoreutils-2.1.14-69 Created attachment 777854 [details]
First quick test for semanage.
Anyone wanting to add additional test would be great.
I installed the policycoreutils of the recommended version but it still does not work for me: # rpm -q policycoreutils policycoreutils-2.1.14-69.el7.x86_64 # python /tmp/test-semanage.py SELinux must be in enforcing mode for this test # setenforce 1 # python /tmp/test-semanage.py Verify semanage export -f /tmp/out Verify semanage import -f /tmp/out ..Verify semanage login -l works Verify semanage user -l works Verify semanage port -l works Verify semanage interface -l works Verify semanage node -l works Verify semanage fcontext -l works Verify semanage boolean -l works . ---------------------------------------------------------------------- Ran 3 tests in 44.634s OK # semanage fcontext -a -t httpd_sys_content_t "/ha-web(/.*)?" libsepol.mls_from_string: invalid MLS context None (No such file or directory). libsepol.mls_from_string: could not construct mls context structure (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsemanage.validate_handler: invalid context system_u:object_r:httpd_sys_content_t:None specified for /ha-web(/.*)? [all files] (Invalid argument). libsemanage.dbase_llist_iterate: could not iterate over records (Invalid argument). ValueError: Could not commit semanage transaction Created attachment 778826 [details]
Updated test-semanage.py patch
policycoreutils-2.1.14-70.el7 works with latest test-suite. I confirm that policycoreutils-2.1.14-70.el7 solves the issue. Either "all files" or "" should not be there, because they are described as synonyms:
# semanage fcontext --help 2>&1 | grep "all files"
-f {all files,"",--,-d,-c,-b,-s,-l,-p}, --ftype {all files,"",--,-d,-c,-b,-s,-l,-p}
"" (all files),-- (regular file),-d (directory),-c
# semanage fcontext -a -f "" -t tmp_t /pokus
usage: semanage fcontext [-h] [-n] [-N] [-s STORE] [ --add ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) | --delete ( -t TYPE -f FTYPE | -e EQUAL ) FILE_SPEC ) | --deleteall | --extract | --list -C | --modify ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) ]
semanage fcontext: error: argument -f/--ftype: invalid choice: '' (choose from 'all files', '""', '--', '-d', '-c', '-b', '-s', '-l', '-p')
# semanage fcontext -a -f '' -t tmp_t /pokus
usage: semanage fcontext [-h] [-n] [-N] [-s STORE] [ --add ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) | --delete ( -t TYPE -f FTYPE | -e EQUAL ) FILE_SPEC ) | --deleteall | --extract | --list -C | --modify ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) ]
semanage fcontext: error: argument -f/--ftype: invalid choice: '' (choose from 'all files', '""', '--', '-d', '-c', '-b', '-s', '-l', '-p')
# semanage fcontext -a -f '""' -t tmp_t /pokus
KeyError: ""
# semanage fcontext -a -f "''" -t tmp_t /pokus
usage: semanage fcontext [-h] [-n] [-N] [-s STORE] [ --add ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) | --delete ( -t TYPE -f FTYPE | -e EQUAL ) FILE_SPEC ) | --deleteall | --extract | --list -C | --modify ( -t TYPE -f FTYPE -r RANGE -s SEUSER | -e EQUAL ) FILE_SPEC ) ]
semanage fcontext: error: argument -f/--ftype: invalid choice: "''" (choose from 'all files', '""', '--', '-d', '-c', '-b', '-s', '-l', '-p')
#
Removed comments about "" and "all files" from semanage fcontext -a -f in policycoreutils-2.1.14-72.el7 This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |