Bug 177883 - error: %post(lirc-0.8.0-0.2.pre4.fc5.i386) scriptlet failed, exit status 255
Summary: error: %post(lirc-0.8.0-0.2.pre4.fc5.i386) scriptlet failed, exit status 255
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 5
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-01-16 02:48 UTC by Jim Cornette
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version: selinux-policy-2.2.8-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-01-31 16:28:28 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
grepped denied errors from audit.log (1.08 MB, text/plain)
2006-01-16 03:05 UTC, Jim Cornette
no flags Details

Description Jim Cornette 2006-01-16 02:48:52 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20051215 Fedora/1.7.12-3

Description of problem:
Running pup (now combined in the pirut rpm) from a gnome-terminal as user and giving the password for root at the pop-up GUI prompt, the above scriptlet error was encountered. A previous bug was filed 
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177262
This bug was maked as resolved, but the scriptlet shows this problem still being a problem. The closure for the bug is probably due to my failure to query the rpm database before reporting an all is well.
This bug is a continuation of the bug previously mentioned, but refiled to track with pirut.

Version-Release number of selected component (if applicable):
pam-0.99.2.1-3 pirut-0.9.4-1 selinux-policy-targeted-2.1.10-1 

How reproducible:
Always

Steps to Reproduce:
1. open gnome-terminal
2. enter pup in terminal
3. enter password in GUI prompt requesting password
4. complete update
5. check rpm database for results from transaction
  

Actual Results:  %post and %pre scriptlet errors encountered which prevent package installation on %pre and leave trails of multirevision packages on %post errors.

last transaction resulted in below output in terminal.
[jim@cornette-lt ~]$ pup
error: %post(lirc-0.8.0-0.2.pre4.fc5.i386) scriptlet failed, exit status 255


Expected Results:  The packages should have installed properly.

Additional info:

I am pretty certain that this is an SELinux policy issue that needs to be adjusted. This error was seen before when policies needed adjustment.
With SELinux completely disabled, no %pre or %post scriptlet errors encountered using the above steps.

Comment 1 Jim Cornette 2006-01-16 02:52:31 UTC
removing the db entry for lirc-0.8.0-0.2.pre4.fc5 and running from a root
terminal resulted in the same error. Authentication does not seem to be an
influence 

Comment 2 Jim Cornette 2006-01-16 02:56:25 UTC
 pup
error: %post(lirc-0.8.0-0.2.pre4.fc5.i386) scriptlet failed, exit status 255
[root@cornette-lt packages]# rpm -e --justdb lirc-0.8.0-0.2.pre4.fc5
[root@cornette-lt packages]# setenforce 0
[root@cornette-lt packages]# pup
[root@cornette-lt packages]# rpm -q lirc
lirc-0.8.0-0.2.pre4.fc5

It seems to be SELinux. Setenforce 0 resolves issue.

Comment 3 Jim Cornette 2006-01-16 03:05:51 UTC
Created attachment 123228 [details]
grepped denied errors from audit.log

This is an audit log containing errors experienced with denials.

Comment 4 Jim Cornette 2006-01-16 03:09:49 UTC
 df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/hda2             16425032   6194320   9382884  40% /
/dev/hda1               101086     12237     83630  13% /boot
/dev/shm                322352         0    322352   0% /dev/shm
/dev/hda3              9920624   1335252   8073304  15% /home
/dev/hda6             10605128    291960   9765756   3% /var
/dev/hda3              9920624   1335252   8073304  15% /media/disk

/home is also mounted as media. Another problem, I guess. Submitted for errors
related to /dev/hdx entries.

Comment 5 Jim Cornette 2006-01-17 03:13:20 UTC
Changing this bug to selinux related. The below error was just experienced.
error: %post(bittorrent-gui-4.2.2-2.fc5.noarch) scriptlet failed, exit status 255


Comment 6 Jim Cornette 2006-01-18 00:18:58 UTC
Reassigning bug for SELinux attention and transferring previous assignee to CC. 
Reason: Pirut and pup seem to work fine with SELinux disabled.

Comment 7 Jim Cornette 2006-01-24 19:16:02 UTC
I am still experiencing %post and %pre scriptlet errors with selinux enabled
when using pup to update system. Issuing selinux 0 before running pup allows
packages to update without scriptlet exit status 255 errors.

Comment 8 Daniel Walsh 2006-01-27 06:11:04 UTC
Fixed in selinux-policy-2.2.6-1

Comment 9 Jim Cornette 2006-01-28 14:07:22 UTC
When upgrading selinux-policy-targeted, I ended up with the below error.
Selinux-policy seemed to install without complaint.
I have not run in enforcing yet until policy was upgraded. I will try pup with
selinux enabled to confirm when package deps are reduced n rawhide.

 Updating  : selinux-policy-targeted      ####################### [ 3/12]
Traceback (most recent call last):
  File "/usr/sbin/genhomedircon", line 364, in ?
    selconf.write()
  File "/usr/sbin/genhomedircon", line 325, in write
    fd.write(self.genoutput())
  File "/usr/sbin/genhomedircon", line 316, in genoutput
    ret += self.genHomeDirContext()
  File "/usr/sbin/genhomedircon", line 265, in genHomeDirContext
    users = self.getUsers()
  File "/usr/sbin/genhomedircon", line 210, in getUsers
    (status, list, lsize) = semanage_seuser_list(self.semanageHandle)
NameError: global name 'semanage_seuser_list' is not defined
libsemanage.semanage_install_sandbox: genhomedircon returned error code 1.
/sbin/restorecon reset /usr/bin/rhgb context
system_u:object_r:bin_t->system_u:object_r:xdm_exec_t


Comment 10 Daniel Walsh 2006-01-28 22:12:43 UTC
Yes an updated policycoreutils went in about the same time as an update to
libsemanage.  Unfortunately Rawhide grabbed libsemanage instead of policycoreutils.

Will be in the update tonight.

Comment 11 Jim Cornette 2006-01-29 03:01:46 UTC
Reporting back on actually using pup with selinux active, I updates a few
packages and they installed without any trouble with %post or %pre scriptlets.
The overall dep conflicts are higher than normal to be able to update many
packages. The test was with only a few packages.

Regrding the error in the terminal output, it did not look like something
outputted by design. I figured I'd report the error since it seemed to relate to
SELinux. Thanks for the reason behind the error output generation.

Comment 12 Stephen Tweedie 2006-01-31 15:32:40 UTC
Updating to this morning's rawhide (going from
selinux-policy-targeted-2.1.9-2.noarch to
selinux-policy-targeted-2.2.8-1.noarch), I got just the same error that was
described in comment #9:

  Updating  : selinux-policy-targeted      ################### [ 503/1171]
Traceback (most recent call last):
  File "/usr/sbin/genhomedircon", line 364, in ?
    selconf.write()
  File "/usr/sbin/genhomedircon", line 325, in write
    fd.write(self.genoutput())
  File "/usr/sbin/genhomedircon", line 316, in genoutput
    ret += self.genHomeDirContext()
  File "/usr/sbin/genhomedircon", line 265, in genHomeDirContext
    users = self.getUsers()
  File "/usr/sbin/genhomedircon", line 210, in getUsers
    (status, list, lsize) = semanage_seuser_list(self.semanageHandle)
NameError: global name 'semanage_seuser_list' is not defined
libsemanage.semanage_install_sandbox: genhomedircon returned error code 1.

Did the fix not get picked up by rawhide?  

Thanks.


Comment 13 Daniel Walsh 2006-01-31 16:16:54 UTC
The fix is in policycoreutils-1.29.17-1




Note You need to log in before you can comment on or make changes to this bug.