First Last Prev Next    This bug is not in your last search results.
Bug 460971 - "semanage translation -a" causes denials; setrans.conf mode changed
"semanage translation -a" causes denials; setrans.conf mode changed
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-02 22:45 EDT by Murray McAllister
Modified: 2015-01-04 17:35 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-05 11:29:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
AVC denials (5.60 KB, text/plain)
2008-09-02 22:47 EDT, Murray McAllister 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Murray McAllister 2008-09-02 22:45:36 EDT 
Description of problem:

Running "semanage translation -a -T Secret s0:c2" causes denials and
setrans.conf mode changes.

Version-Release number of selected component (if applicable):

* Fedora release 9.90.1 (Rawhide)

* policycoreutils-2.0.55-1.fc10.i386

* libselinux-2.0.71-1.fc10.i386
* selinux-policy-mls-3.5.5-3.fc10.noarch
* libselinux-python-2.0.71-1.fc10.i386
* selinux-policy-targeted-3.5.5-3.fc10.noarch
* selinux-policy-3.5.5-3.fc10.noarch

SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 23
Policy from config file:        targeted

How reproducible:
Always

Steps to Reproduce:
1. ls -l /etc/selinux/targeted/setrans.conf 
-rw-r--r-- 1 root root 611 2008-09-03 11:14 /etc/selinux/targeted/setrans.conf

2. semanage translation -a -T Secret s0:c2
/etc/init.d/functions: line 19: /sbin/consoletype: Permission denied
env: /etc/init.d/mcstrans: Permission denied

3. ls -l /etc/selinux/targeted/setrans.conf 
-rw------- 1 root root 611 2008-09-03 11:14 /etc/selinux/targeted/setrans.conf
  
Actual results:
Errors on the console; AVC denials; setrans.conf mode changed from 644 to 600.

Expected results:

No errors on the console; no AVC denials; setrans.conf mode stays as 644.
Comment 1 Murray McAllister 2008-09-02 22:46:43 EDT 
"semanage translation -a -T Secret s0:c2" adds the translation despite the errors and denials.

Looks almost the same as bug #460970 but with less denials.
Comment 2 Murray McAllister 2008-09-02 22:47:37 EDT 
Created attachment 315613 [details]
AVC denials
Comment 3 Daniel Walsh 2008-09-05 11:29:56 EDT 
Fixed in selinux-policy-3.5.6-2.fc10.noarch
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.