Bug 1291604 - semanage cannot make any domains permissive
semanage cannot make any domains permissive
Status: CLOSED DUPLICATE of bug 1286325
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
23
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-12-15 04:19 EST by Jamie Nguyen
Modified: 2015-12-15 04:42 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-15 04:42:20 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jamie Nguyen 2015-12-15 04:19:20 EST
"semanage permissive -a foo_t" is not able to make any domain permissive. I have tested this on my desktop (Fedora 23 "Workstation") as well as in a fresh VM with a minimal netinstall of Fedora 23 "Server". In both cases, the same error occurs (as below).


Steps to reproduce
------------------

# rpm -q selinux-policy selinux-policy-targeted
selinux-policy-3.13.1-157.fc23
selinux-policy-targeted-3.13.1-157.fc23

man gpg_selinux wrote:
> semanage permissive -a gpg_t can be used to make the process
> type gpg_t permissive.

# semodule -l | grep gpg
gpg

# semanage permissive -a gpg_t
ValueError: ['gpg_t'] is not a domain type


Expected results
----------------

Making a domain permissive should work.
Comment 1 Jamie Nguyen 2015-12-15 04:35:35 EST
The same thing happens for any domain that I tested:

# semanage permissive -a crond_t
ValueError: ['crond_t'] is not a domain type

# semanage permissive -a logrotate_t
ValueError: ['logrotate_t'] is not a domain type

# semanage permissive -a ssh_t
ValueError: ['ssh_t'] is not a domain type

# semanage permissive -a xserver_t
ValueError: ['xserver_t'] is not a domain type
Comment 2 Petr Lautrbach 2015-12-15 04:42:20 EST

*** This bug has been marked as a duplicate of bug 1286325 ***

Note You need to log in before you can comment on or make changes to this bug.