Bug 1247714 - libsemanage.dbase_llist_query: could not query record value (No such file or directory).
Summary: libsemanage.dbase_llist_query: could not query record value (No such file or ...
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: libsepol
Version: 23
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Petr Lautrbach
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1076441
TreeView+ depends on / blocked
 
Reported: 2015-07-28 16:00 UTC by Petr Lautrbach
Modified: 2015-09-04 19:45 UTC (History)
4 users (show)

Fixed In Version: 2.4-12.fc23
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-09-04 19:45:19 UTC
Type: Bug


Attachments (Terms of Use)
proposed patch (4.77 KB, patch)
2015-08-25 08:48 UTC, Michal Srb
no flags Details | Diff

Description Petr Lautrbach 2015-07-28 16:00:46 UTC
Description of problem:

# /usr/sbin/semanage login -a -s staff_u -r s0-s0:c0.c1023 yeti
libsemanage.dbase_llist_query: could not query record value (No such file or directory).
FileNotFoundError: [Errno 2] No such file or directory

# rpm -qf /usr/sbin/semanage
policycoreutils-python-utils-2.4-7.fc23.x86_64

Comment 1 Michal Srb 2015-08-25 08:48:17 UTC
Created attachment 1066782 [details]
proposed patch

I think that this is a problem between Python 3 SWIG bindings around libsemanage and libsepol.

Python 3 SWIG bindings temporarily allocate memory needed for
PyUnicodeObject->char * conversion. This memory is deallocated shortly
after underlying C function returns. Therefore it's necessary to create
a copy of it.

Comment 2 Michal Srb 2015-08-25 10:48:12 UTC
The patch should also fix following bug:

# semanage boolean -m --on polyinstantiation_enabled             
ValueError: Boolean polyinstantiation_enabled is not defined

Comment 3 Petr Lautrbach 2015-08-25 10:54:59 UTC
Thanks for the patch. 

I'm not sure if it's the correct to fix a problem among policycoreutils and libsemanage in libsepol. I'd think that there could be a change of swig definition in libsemanage if it's feasible.

Comment 4 Petr Lautrbach 2015-08-25 11:22:47 UTC
It seems to be really a bug in libsepol and your fix is probably correct (except for the minor memory leak). I'll push an update with this fix asap.

Comment 5 Fedora Update System 2015-08-25 12:24:35 UTC
libsepol-2.4-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219

Comment 6 Petr Lautrbach 2015-08-25 15:21:05 UTC
There's still problem with -m option:

# semanage login -a -s staff_u ivetka && semanage login -l | grep ivetka
ivetka               staff_u              s0                   *

# semanage login -m -s unconfined_u ivetka  
ValueError: Login mapping for ivetka is not defined

Comment 7 Miroslav Grepl 2015-08-25 15:23:18 UTC
I see the same issue. Also "-d" option does not work.

# semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
ValueError: Login mapping for ivetka is not defined

# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
ivetka               staff_u              s0-s0:c0.c1023       *

Comment 8 Fedora Update System 2015-08-26 04:25:23 UTC
libsepol-2.4-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update libsepol'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219

Comment 9 Michal Srb 2015-08-26 05:57:46 UTC
(In reply to Miroslav Grepl from comment #7)
> I see the same issue. Also "-d" option does not work.
> 
> # semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
> ValueError: Login mapping for ivetka is not defined
> 
> # semanage login -l
> 
> Login Name           SELinux User         MLS/MCS Range        Service
> 
> __default__          user_u               s0-s0                *
> ivetka               staff_u              s0-s0:c0.c1023       *

I can reproduce it as well. Looks like semanage_seuser_key_create() doesn't use libsepol under the hood. Therefore similar fix will be needed also for libsemanage. I will also fix potential memory leak in my previous patch.

Comment 10 Fedora Update System 2015-09-03 22:43:28 UTC
policycoreutils-2.4-12.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040

Comment 11 Fedora Update System 2015-09-04 07:33:00 UTC
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update policycoreutils'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040

Comment 12 Fedora Update System 2015-09-04 19:45:16 UTC
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.