abrt detected a crash. How to reproduce: Launch "SELinux Management" from menu Comment ----- Possibly related: I'm seeing the following warning on the console: /etc/selinux/targeted/contexts/files/file_contexts.local: line 4 has invalid file type Studio (I added an exception for a file in a directory whose name contained spaces, and the second word of which was "Studio".) Attached file: backtrace cmdline: /usr/bin/python /usr/share/system-config-selinux/system-config-selinux.py component: policycoreutils executable: /usr/share/system-config-selinux/system-config-selinux.py kernel: 2.6.31.5-127.fc12.i686 package: policycoreutils-gui-2.0.74-4.fc12 uuid: 44796086
Created attachment 369657 [details] File: backtrace
Fixed in policycoreutils-2.0.74-16.fc12 Please check it out in fedora-updates-testing. If it works for you update the koji status.
The updated package doesn't fix the problem, generating an almost identical (modulo line numbers) backtrace. Abrt apparently doesn't pick up all of the warnings however. Running system-config-selinux from a terminal gives: libsepol.sepol_context_from_string: malformed context "Studio" (Invalid argument). libsepol.sepol_context_from_string: could not construct context from string (Invalid argument). libsemanage.fcontext_parse: invalid security context "Studio" (/etc/selinux/targeted/modules/active//file_contexts.local: 4) /opt/Aptana Studio 2.0/AptanaStudio system_u:object_r:execmem_exec_t:s0 (Invalid argument). libsemanage.fcontext_parse: could not parse file context record (Invalid argument). libsemanage.dbase_file_cache: could not cache file database (Invalid argument). libsemanage.enter_ro: could not enter read-only section (Invalid argument). Traceback (most recent call last): File "/usr/share/system-config-selinux/system-config-selinux.py", line 186, in <module> app = childWindow() File "/usr/share/system-config-selinux/system-config-selinux.py", line 86, in __init__ self.add_page(fcontextPage.fcontextPage(xml)) File "/usr/share/system-config-selinux/fcontextPage.py", line 94, in __init__ self.load() File "/usr/share/system-config-selinux/fcontextPage.py", line 126, in load fcon_dict=self.fcontext.get_all(self.local) File "/usr/lib/python2.6/site-packages/seobject.py", line 1756, in get_all (rc, fclocal) = semanage_fcontext_list_local(self.sh) TypeError: 'int' object is not iterable
You entered a path with spaces into the regex. This is not going to work. The bug is you should not have been allowed to add it. YOu need to add the label "/opt/Aptana.Studio.2\.0/AptanaStudio" to make it work.
Well, it 'works' insofar as the app now runs, but I guess that's the non-permanent labelling? (my terminology is almost certainly wrong) While it might be a bug that I was allowed to add the rule, semanage happiliy added the rule, but now chokes when I try to remove the rule (to workaround this bug). As a result, I guess I have to resort to hand-editing the file (which the file itself tells me not to do). Also, I added the exception using the command line suggested by setroubleshoot, so I guess there is a bug in setroubleshoot as to what workaround is suggested.
I would say haveing a product with a path that includes embedded spaces is also a bug. :^( It is a bad idea. # /usr/sbin/semanage fcontext -a -t execmem_exec_t "/opt/Aptana Studio 2.0/AptanaStudio" /usr/sbin/semanage: File specification can not include spaces Added in policycoreutils-2_0_74-18_fc12 A little harder problem in setroubleshoot, though.
Okay. After removing the offending line, system-config-selinux now works as expected, so I guess this bug should be closed. Should I file a bug for setroubleshoot?
Fixed in policycoreutils-2.0.74-18.fc12 Yes open a bugzilla on setroubleshoot.
This message is a reminder that Fedora 12 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 12. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '12'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 12's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 12 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping