Bug 301751 - libselinux-2.0.14-7 causes python tracebacks
libselinux-2.0.14-7 causes python tracebacks
Product: Fedora
Classification: Fedora
Component: libselinux (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-09-22 14:04 EDT by Kevin Fenzi
Modified: 2008-01-21 10:44 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-21 10:44:43 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kevin Fenzi 2007-09-22 14:04:29 EDT
Using the 2.0.14-7.x86_64 version from updates-testing, I get things like: 

# cat /var/log/audit/audit.log* | audit2allow -m local20070922
Traceback (most recent call last):
  File "/usr/bin/audit2allow", line 30, in <module>
    import sepolgen.module as module
  File "/usr/lib64/python2.5/site-packages/sepolgen/module.py", line 27, in <module>
    import selinux
  File "/usr/lib64/python2.5/site-packages/selinux.py", line 7, in <module>
    import _selinux
ImportError: /usr/lib64/python2.5/site-packages/_selinux.so: undefined symbol:

Also, upgrading selinux-policy resulted in a similar traceback. 

Note that this is a pure x86_64 box, no i386 rpms installed. 
I wonder if there is some i386 dependency here thats not known to rpm?

Happy to test or provide more info.
Comment 1 Todd Zullinger 2007-09-25 14:39:39 EDT
I don't think it's x86_64 specific.  I get the same traceback from anything that
tries to import selinux.  Reverting to 2.0.14-6.fc7 removes this particular
error.  It seems something is off in the swig patch with -7.  There is a
different swig patch in the devel branch, so maybe Dan already knows about the
problem and has a fix in the works.
Comment 2 Daniel Walsh 2007-09-25 17:54:22 EDT
Could you check 2.0.14-8 in fedora-testing?
Comment 3 Kevin Fenzi 2007-09-25 18:21:49 EDT
Seems to work fine here... :) 
Comment 4 Todd Zullinger 2007-09-25 22:25:07 EDT
Hmm, audit2allow and "import python" in the interactive interpreter work with
2.0.14-8, but setroubleshootd[1] still dies on startup:

# setroubleshootd -f
Traceback (most recent call last):
  File "/usr/sbin/setroubleshootd", line 71, in <module>
    from setroubleshoot.server import RunFaultServer
  File "/usr/lib/python2.5/site-packages/setroubleshoot/server.py", line 35, in
    from setroubleshoot.analyze import *
  File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 35, in
    from setroubleshoot.avc_audit import *
  File "/usr/lib/python2.5/site-packages/setroubleshoot/avc_audit.py", line 138,
in <module>
    my_context = AvcContext(selinux.getcon()[1])
TypeError: getcon() takes exactly 1 argument (0 given)

This doesn't happen with 2.0.14-6.  (With 2.0.14-7, setroubleshootd dies at the
import python stage, from the undefined symbol: fsetfilecon_raw problem.)

[1]  setroubleshoot 1.9.4-2, see bug #289371 for why 1.10.1-1 from
updates-testing is dieing -- it seems to require selinux-policy >= 3.0.7-10,
which isn't available for F7
Comment 5 Kevin Fenzi 2007-09-26 13:52:03 EDT
Ah, I didn't have setroubleshoot setup here.. I do see that same thing here with
Comment 6 Todd Zullinger 2007-09-27 11:43:07 EDT
I just tested libselinux-2.0.14-9.fc7.i386 from koji and it seems to resolve the
problems with setroubleshoot (combined with the fixes in
selinux-policy-2.6.4-45).  audit2allow and "import selinux" both work as well.

Thanks for the quick fixes Dan!  I'll be sure to leave a comment in bodhi when
this update hits testing, with a positive karma (unless I run across any other
issues before then :).

Note You need to log in before you can comment on or make changes to this bug.