Description of problem: rpm gives lua errors when doing certain operations. Started to happen after updating from fc2 to rawhide some time ago. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.17.30-2.5 selinux-policy-strict-1.17.30-2 rpm-4.3.2-13 yum-2.1.10-3 How reproducible: always Steps to Reproduce: 1) rpm -E '%__policy_tree' Actual results: BEGIN>>> # rpm -E '%__policy_tree' error: Unterminated {: {lua: 3< (empty) error: Macro %__policy_tree failed to expand error: Unterminated {: {lua: 4< (empty) error: Macro %__policy_tree failed to expand error: Unterminated {: {lua: 5< (empty) *** dozens of lines removed here *** print (t) }t="targeted" f = io.open("/etc/selinux/config") if f then for l in f:lines() do if "SELINUXTYPE=" == string.sub(l,0,12) then t=string.sub(l,13); end end f:close() end print (t) } <<<END Expected results: no errors Additional info: from IRC channel: <nasrat> probably need to harden the policy_tree macro for some error condition you're hitting
WORKSFORME: $ rpm -E '%__policy_tree' strict Hmmm, policy trees were rearranged after fc2 ... Do you have policy packages installed? These two in particular: $ rpm -qf /etc/selinux selinux-policy-targeted-1.17.31-1.noarch.rpm selinux-policy-strict-1.17.31-1.noarch.rpm
Yah, you have installed. Are you sure you are invoking rpm-4.3.2? The error message looks like parser failures from a version of rpm that does not have embedded lua.
# whereis rpm rpm: /bin/rpm /etc/rpm /usr/lib/rpm /usr/include/rpm /usr/share/man/man8/rpm.8.gz # rpm -qf /bin/rpm rpm-4.3.2-13 So, I'm using correct version of rpm binary. # rpm -qf /etc/selinux selinux-policy-targeted-1.17.30-2.11 selinux-policy-strict-1.17.30-2 Just upgraded to these from the ones stated in original bug report, same errors. # rpm -q lua lua-5.0-0.fdr.2.2 Dunno if it matters that I have lua installed or not.
lua installed shouldn't matter, rpm has embedded lua in rpm libraries. Can you verify all the packages involved? rpm -V rpm selinux-policy-targeted selinux-policy-strict Also check /etc/selinux/config. Mine looks like: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=strict
Fixed by installing rpm-libs-4.3.2-13. I had librpm4.3-4.3.1-0.3_26.rhfc2.at installed for some reason, and it provided too version of the libs without lua. Perhaps dependencies of rpm-4.3.2-13 should be changed to require package rpm-libs instead of librpm-4.3.so.