Bug 1247714 - libsemanage.dbase_llist_query: could not query record value (No such file or directory).
libsemanage.dbase_llist_query: could not query record value (No such file or ...
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: libsepol (Show other bugs)
23
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 1076441
  Show dependency treegraph
 
Reported: 2015-07-28 12:00 EDT by Petr Lautrbach
Modified: 2015-09-04 15:45 EDT (History)
4 users (show)

See Also:
Fixed In Version: 2.4-12.fc23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-04 15:45:19 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
proposed patch (4.77 KB, patch)
2015-08-25 04:48 EDT, Michal Srb
no flags Details | Diff

  None (edit)
Description Petr Lautrbach 2015-07-28 12:00:46 EDT
Description of problem:

# /usr/sbin/semanage login -a -s staff_u -r s0-s0:c0.c1023 yeti
libsemanage.dbase_llist_query: could not query record value (No such file or directory).
FileNotFoundError: [Errno 2] No such file or directory

# rpm -qf /usr/sbin/semanage
policycoreutils-python-utils-2.4-7.fc23.x86_64
Comment 1 Michal Srb 2015-08-25 04:48:17 EDT
Created attachment 1066782 [details]
proposed patch

I think that this is a problem between Python 3 SWIG bindings around libsemanage and libsepol.

Python 3 SWIG bindings temporarily allocate memory needed for
PyUnicodeObject->char * conversion. This memory is deallocated shortly
after underlying C function returns. Therefore it's necessary to create
a copy of it.
Comment 2 Michal Srb 2015-08-25 06:48:12 EDT
The patch should also fix following bug:

# semanage boolean -m --on polyinstantiation_enabled             
ValueError: Boolean polyinstantiation_enabled is not defined
Comment 3 Petr Lautrbach 2015-08-25 06:54:59 EDT
Thanks for the patch. 

I'm not sure if it's the correct to fix a problem among policycoreutils and libsemanage in libsepol. I'd think that there could be a change of swig definition in libsemanage if it's feasible.
Comment 4 Petr Lautrbach 2015-08-25 07:22:47 EDT
It seems to be really a bug in libsepol and your fix is probably correct (except for the minor memory leak). I'll push an update with this fix asap.
Comment 5 Fedora Update System 2015-08-25 08:24:35 EDT
libsepol-2.4-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219
Comment 6 Petr Lautrbach 2015-08-25 11:21:05 EDT
There's still problem with -m option:

# semanage login -a -s staff_u ivetka && semanage login -l | grep ivetka
ivetka               staff_u              s0                   *

# semanage login -m -s unconfined_u ivetka  
ValueError: Login mapping for ivetka is not defined
Comment 7 Miroslav Grepl 2015-08-25 11:23:18 EDT
I see the same issue. Also "-d" option does not work.

# semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
ValueError: Login mapping for ivetka is not defined

# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
ivetka               staff_u              s0-s0:c0.c1023       *
Comment 8 Fedora Update System 2015-08-26 00:25:23 EDT
libsepol-2.4-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update libsepol'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219
Comment 9 Michal Srb 2015-08-26 01:57:46 EDT
(In reply to Miroslav Grepl from comment #7)
> I see the same issue. Also "-d" option does not work.
> 
> # semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
> ValueError: Login mapping for ivetka is not defined
> 
> # semanage login -l
> 
> Login Name           SELinux User         MLS/MCS Range        Service
> 
> __default__          user_u               s0-s0                *
> ivetka               staff_u              s0-s0:c0.c1023       *

I can reproduce it as well. Looks like semanage_seuser_key_create() doesn't use libsepol under the hood. Therefore similar fix will be needed also for libsemanage. I will also fix potential memory leak in my previous patch.
Comment 10 Fedora Update System 2015-09-03 18:43:28 EDT
policycoreutils-2.4-12.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040
Comment 11 Fedora Update System 2015-09-04 03:33:00 EDT
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update policycoreutils'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040
Comment 12 Fedora Update System 2015-09-04 15:45:16 EDT
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.