Red Hat Bugzilla – Bug 1291604
semanage cannot make any domains permissive
Last modified: 2015-12-15 04:42:20 EST
"semanage permissive -a foo_t" is not able to make any domain permissive. I have tested this on my desktop (Fedora 23 "Workstation") as well as in a fresh VM with a minimal netinstall of Fedora 23 "Server". In both cases, the same error occurs (as below).
Steps to reproduce
# rpm -q selinux-policy selinux-policy-targeted
man gpg_selinux wrote:
> semanage permissive -a gpg_t can be used to make the process
> type gpg_t permissive.
# semodule -l | grep gpg
# semanage permissive -a gpg_t
ValueError: ['gpg_t'] is not a domain type
Making a domain permissive should work.
The same thing happens for any domain that I tested:
# semanage permissive -a crond_t
ValueError: ['crond_t'] is not a domain type
# semanage permissive -a logrotate_t
ValueError: ['logrotate_t'] is not a domain type
# semanage permissive -a ssh_t
ValueError: ['ssh_t'] is not a domain type
# semanage permissive -a xserver_t
ValueError: ['xserver_t'] is not a domain type
*** This bug has been marked as a duplicate of bug 1286325 ***