Bug 1303696 - sedispol seems to loop indefinitely
sedispol seems to loop indefinitely
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: checkpolicy (Show other bugs)
7.2
x86_64 Linux
medium Severity medium
: rc
: ---
Assigned To: Petr Lautrbach
Milos Malik
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-01 11:57 EST by Milos Malik
Modified: 2016-11-03 22:15 EDT (History)
4 users (show)

See Also:
Fixed In Version: checkpolicy-2.5-2.el7.x86_64
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-03 22:15:53 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Milos Malik 2016-02-01 11:57:51 EST
Description of problem:
 * sedispol does not show any unconditional rules when analyzing binary policy

Version-Release number of selected component (if applicable):
checkpolicy-2.1.12-6.el7.x86_64
selinux-policy-3.13.1-60.el7.noarch
selinux-policy-targeted-3.13.1-60.el7.noarch

How reproducible:
always

Steps to Reproduce:
# sedispol /etc/selinux/targeted/policy/policy.29 
Reading policy...
libsepol.policydb_index_others: security:  8 users, 105 roles, 4969 types, 303 bools
libsepol.policydb_index_others: security: 1 sens, 1024 cats
libsepol.policydb_index_others: security:  83 classes, 105836 rules, 16314 cond rules
binary policy file loaded

Select a command:
1)  display unconditional AVTAB
2)  display conditional AVTAB (entirely)
3)  display conditional AVTAG (only ENABLED rules)
4)  display conditional AVTAB (only DISABLED rules)
5)  display conditional bools
6)  display conditional expressions
7)  change a boolean value
8)  display role transitions
c)  display policy capabilities
p)  display the list of permissive types
u)  display unknown handling setting
F)  display filename_trans rules
f)  set output file
m)  display menu
q)  quit

Command ('m' for menu):  1

Actual results:
 * it consumes 100% of CPU for a long time without showing any results

Expected results:
 * it shows all unconditional rules and stops consuming 100% of CPU
Comment 6 errata-xmlrpc 2016-11-03 22:15:53 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2281.html

Note You need to log in before you can comment on or make changes to this bug.