This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 296871 - installation of package fails selinux-policy-strict-2.4.6-88.fc6@noarch:
installation of package fails selinux-policy-strict-2.4.6-88.fc6@noarch:
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict (Show other bugs)
6
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-19 15:58 EDT by john bray
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-09-24 15:22:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description john bray 2007-09-19 15:58:33 EDT
Description of problem:
install fails for selinux-policy-strict-2.4.6-88.fc6@noarch:

Version-Release number of selected component (if applicable):
selinux-policy-strict-2.4.6-88.fc6@noarch:

How reproducible:
i assume 100%

Steps to Reproduce:
1. install the package
2.
3.
  
Actual results:

Output from selinux-policy-strict-2.4.6-88.fc6@noarch:
libsepol.context_from_record: type httpd_nagios_script_exec_t is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert
system_u:object_r:httpd_nagios_script_exec_t:s0 to sid
/etc/selinux/strict/contexts/files/file_contexts:  line 282 has invalid context
system_u:object_r:httpd_nagios_script_exec_t:s0
libsemanage.semanage_install_active: setfiles returned error code 1.
/etc/selinux/strict/contexts/files/file_contexts: Multiple different
specifications for /usr/bin/apt-get  (system_u:object_r:rpm_exec_t:s0 and
system_u:object_r:apt_exec_t:s0).
/etc/selinux/strict/contexts/files/file_contexts: Multiple different
specifications for /usr/bin/apt-shell  (system_u:object_r:rpm_exec_t:s0 and
system_u:object_r:apt_exec_t:s0).
/etc/selinux/strict/contexts/files/file_contexts: Multiple different
specifications for /usr/sbin/synaptic  (system_u:object_r:rpm_exec_t:s0 and
system_u:object_r:apt_exec_t:s0).
semodule:  Failed!
Expected results:


Additional info:
Comment 1 Daniel Walsh 2007-09-21 15:17:10 EDT
Do you have apt module installed?

semodule -l | grep apt

If so/please remove

semodule -r apt

The nagios bug is fixed in 
selinux-policy-targeted-2.4.6-94.fc6
Comment 2 john bray 2007-09-21 15:42:16 EDT
(In reply to comment #1)
> Do you have apt module installed?
> 
> semodule -l | grep apt

apparently not:

[root@junior ~]# semodule -l | grep apt
[root@junior ~]# uname -a
Linux junior 2.6.22.2-42.fc6 #1 SMP Wed Aug 15 12:34:26 EDT 2007 i686 athlon
i386 GNU/Linux

Comment 3 Daniel Walsh 2007-09-21 16:06:10 EDT
Well I don't see how the apt_exec_t functions got there.

They should be turned off in selinux-policy-strict or any other policy Fedora ships.
Comment 4 john bray 2007-09-21 17:33:55 EDT
dan - what other information can i provide you?  i don't believe that i have
ever made any changes in selinux policy -- only installed your packages.  i'll
get you whatever you need.  or give you access to the box if that's helpful.

here's a bit:
[root@junior ~]# semodule -l
amavis  1.1.0
apcupsd 1.0.0
ccs     1.0.0
clamav  1.1.0
dcc     1.1.0
evolution       1.1.0
fail2ban        1.0.0
iscsid  1.0.0
mozilla 1.1.0
mplayer 1.1.0
nagios  1.1.0
oddjob  1.0.1
pcscd   1.0.0
pyzor   1.1.0
razor   1.1.0
ricci   1.0.0
smartmon        1.1.0
suspend2        1.0
[root@junior ~]# 

and:

[root@junior ~]# date
Fri Sep 21 16:27:51 CDT 2007
[root@junior ~]# izrpm selin
selinux-policy-strict-2.4.6-88.fc6            Wed Sep 19 14:45:58 2007
selinux-policy-targeted-2.4.6-88.fc6          Wed Sep 19 14:45:37 2007
selinux-policy-2.4.6-88.fc6                   Wed Sep 19 14:42:48 2007
libselinux-python-1.33.4-2.fc6                Thu Jan 18 01:51:53 2007
libselinux-devel-1.33.4-2.fc6                 Thu Jan 18 01:51:51 2007
libselinux-1.33.4-2.fc6                       Thu Jan 18 01:47:55 2007
selinux-doc-1.26-1.1                          Wed Jan 17 13:44:25 2007
[root@junior ~]# 

-- john
Comment 5 Daniel Walsh 2007-09-22 07:48:53 EDT
john are you running with strict policy?  Or is this just happening because you
have it installed?

If you are not just remove the paclages
rpm -e selinux-policy-strict
Comment 6 john bray 2007-09-22 12:26:56 EDT
it's just installed.  not in use.

i'll remove it.

Note You need to log in before you can comment on or make changes to this bug.