Red Hat Bugzilla – Bug 468798
[RHEL5.3] audit test fails "root:system_r:unconfined_t is not a valid context"
Last modified: 2009-01-20 17:07:55 EST
Description of problem: When running the LTP SElinux and the HP audit-test-2090 test suites they both fail with the same error message: root:system_r:unconfined_t is not a valid context Version-Release number of selected component (if applicable): RHEL5.3-Server-20081020.1 How reproducible: Always Steps to Reproduce: 1. Using the Beta tree RHEL5.3-Server-20081020.1 run either of the following tests. /kernel/security/audit/audit-test-2090 or /kernel/security/selinux/ltp-selinux/20080229 Actual results: <snip> make[2]: Leaving directory `/mnt/tests/kernel/security/audit/audit-test-2090/audit-test/utils' make[1]: Leaving directory `/mnt/tests/kernel/security/audit/audit-test-2090/audit-test' echo "Done building for i386" Done building for i386 chmod +x ./runtest.sh ./runtest.sh Changing password for user eal. passwd: all authentication tokens updated successfully. Stopping auditd: [ OK ] Starting auditd: [ OK ] Starting vsftpd for vsftpd: [ OK ] ***** Starting the runtest.sh script ***** ***** Current Test Version = rh-tests-kernel-security-audit-audit-test-2090-1.0 ***** ***** Current Running Kernel Package = kernel-2.6.18-120.el5dz_test2.i686 ***** ***** Test Start Time: Sat Oct 25 03:02:20 EDT 2008 ***** /mnt/tests/kernel/security/audit/audit-test-2090/audit-test/audit-tools /mnt/tests/kernel/security/audit/audit-test-2090/audit-test root:system_r:unconfined_t is not a valid context audit-tools Failed zero Length logs: /mnt/tests/kernel/security/audit/audit-test-2090/audit-test ***** Test Stop Time: Sat Oct 25 03:02:20 EDT 2008 ***** ***** End of runtest.sh ***** </snip> Expected results: This should pass Additional info: These tests were working as RHEL5.3-Server-20080814.nightly Spoke with Steve Grubb: "HP said that we had a labeling problem and for us to go review the README file." Not sure what labeling issue we supposedly have or what README file we should read. But this has nothing to do with the audit-test or the LTP SELinux tests. I believe that is has more to do with the way these test are spawned in RHTS. But I am not specifically sure what the error means. If I take the tests(audit-test, LTP selinux) completely out of the picture. Just using a freshly installed RHEL5-U2 systems and run the following command: /usr/bin/runcon root:system_r:unconfined_t -- ls I get a directory listing: anaconda-ks.cfg install.log install.log.syslog ks-post.log If I install a system with RHEL5.3-Server-20081020.1 (AKA BETA) and run the same command: /usr/bin/runcon root:system_r:unconfined_t -- ls It fails with the following message: root:system_r:unconfined_t is not a valid context Same error that is reported by the tests.
Created attachment 321695 [details] README.run
I think the problem is your test is relying on mcstrans running. In the failure case it is not running. root:system_r:unconfined_t:s0 Is correct, You should never rely in a test on translation daemon being run or the translations being the same.
Fixed in mcstrans-0.2.11-2.el5
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0231.html