Bug 1124345 - Error when listing booleans using semanage from another storage
Summary: Error when listing booleans using semanage from another storage
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: policycoreutils
Version: 6.6
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Petr Lautrbach
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks: 1391605
TreeView+ depends on / blocked
 
Reported: 2014-07-29 09:43 UTC by Michal Trunecka
Modified: 2016-11-03 15:44 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1391605 (view as bug list)
Environment:
Last Closed: 2016-01-19 15:49:29 UTC


Attachments (Terms of Use)

Description Michal Trunecka 2014-07-29 09:43:00 UTC
Description of problem:

When running semanage boolean -S mls -l, it prints only handful of booleans and then fails with /usr/sbin/semanage: No such file or directory:

(Works fine on RHEL7)

# semanage boolean -S mls -l
SELinux boolean                State  Default Description

ftp_home_dir                   (on   ,   on)  Allow ftp to read and write files in the user home directories
smartmon_3ware                 (off  ,  off)  Enable additional permissions needed to support devices on 3ware controllers.
xdm_sysadm_login               (off  ,  off)  Allow xdm logins as sysadm
xen_use_nfs                    (off  ,  off)  Allow xen to manage nfs files
mozilla_read_content           (off  ,  off)  Control mozilla content access
ssh_chroot_rw_homedirs         (off  ,  off)  Allow ssh with chroot env to read and write files in the user home directories
postgresql_can_rsync           (off  ,  off)  Allow postgresql to use ssh and rsync for point-in-time recovery
allow_console_login            (on   ,  off)  Allow direct login to the console device. Required for System 390
spamassassin_can_network       (off  ,  off)  Allow user spamassassin clients to use the network.
authlogin_shadow               (off  ,  off)  Allow users login programs to access /etc/shadow.
httpd_can_network_relay        (off  ,  off)  Allow httpd to act as a relay
openvpn_enable_homedirs        (on   ,  off)  Allow openvpn to read home directories
allow_execheap                 (off  ,  off)  Allow unconfined executables to make their heap memory executable.  Doing this is a really bad idea. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla
telepathy_tcp_connect_generic_network_ports (off  ,  off)  Allow the Telepathy connection managers to connect to any generic TCP port.
tor_bind_all_unreserved_ports  (off  ,  off)  Allow tor daemon to bind tcp sockets to all unreserved ports.
httpd_can_network_connect_db   (off  ,  off)  Allow HTTPD scripts and modules to connect to databases over the network.
xguest_connect_network         (on   ,   on)  Allow xguest to configure Network Manager and connect to apache ports
allow_user_mysql_connect       (off  ,  off)  Allow users to connect to mysql
user_setrlimit                 (on   ,  off)  Allow user processes to change their priority
allow_ftpd_full_access         (on   ,   on)  Allow ftp servers to login to local users and read/write all files on the system, governed by DAC.
httpd_use_gpg                  (off  ,  off)  Allow httpd to run gpg in gpg-web domain
samba_domain_controller        (off  ,  off)  Allow samba to act as the domain controller, add users, groups and change passwords.
httpd_dbus_sssd                (off  ,  off)  Allow Apache to communicate with sssd service via dbus
/usr/sbin/semanage: No such file or directory

Version-Release number of selected component (if applicable):
# rpm -qa selinux\*
selinux-policy-mls-3.7.19-246.el6.noarch
selinux-policy-targeted-3.7.19-246.el6.noarch
selinux-policy-3.7.19-246.el6.noarch
# rpm -qa policycoreutils\*
policycoreutils-sandbox-2.0.83-19.46.el6.x86_64
policycoreutils-python-2.0.83-19.46.el6.x86_64
policycoreutils-newrole-2.0.83-19.46.el6.x86_64
policycoreutils-2.0.83-19.46.el6.x86_64

Comment 3 Petr Lautrbach 2015-03-09 14:11:41 UTC
I has not been fixed yet.

Comment 6 Petr Lautrbach 2016-01-19 15:49:29 UTC
Due to the limited devel capacity and since it works on RHEL-7 I'm closing this as WONTFIX. Sorry.


Note You need to log in before you can comment on or make changes to this bug.