Bug 696809 - system-config-selinux could not open interface info
Summary: system-config-selinux could not open interface info
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: policycoreutils
Version: 6.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Daniel Walsh
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-04-14 21:40 UTC by Harry DePoy
Modified: 2011-12-06 15:30 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 15:30:42 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1637 0 normal SHIPPED_LIVE policycoreutils bug fix and enhancement update 2011-12-06 00:50:40 UTC

Description Harry DePoy 2011-04-14 21:40:40 UTC 
Description of problem:
Same as Fedora bug 679596

Cannot run system-config-selinux


Version-Release number of selected component (if applicable):


How reproducible:

every time


Steps to Reproduce:
1.sudo system-config-selinux
2.
3.
  
Actual results:
could not open interface info [/var/lib/sepolgen/interface_info]

Expected results:
open Selinux configuration gui 

Additional info:

Indiana University server
Comment 3 Milos Malik 2011-04-15 07:14:05 UTC 
I believe the bug report should belong to policycoreutils (not selinux-policy) component.
Comment 4 Daniel Walsh 2011-04-15 12:59:27 UTC 
Harry were you running this on a disabled machine?
Comment 5 Harry DePoy 2011-04-15 14:01:06 UTC 
Selinux is NOT enabled. So are you saying to enable Selinux then try the system-config-selinux utility?
Comment 6 Daniel Walsh 2011-04-15 15:24:54 UTC 
No just checking if something else was wrong.  It should not blow up with this, but the reason the file does not exists is SELinux is disabled.  We don't ususally test the selinux config tool on a disabled machine.
Comment 7 Harry DePoy 2011-04-15 15:31:16 UTC 
I see. I have just reinstalled all the Selinux packages and configured for permissive mode. I want tp build a module for Big Brother to run under Selinux. I have done this on our RHES 5.x servers without a problem. I cannot get any Selinux GUI utility to run nor does "setenforce Permissive" work.
Comment 8 Harry DePoy 2011-04-15 15:40:34 UTC 
I managed to get Selinux running in permissive mode, but still get same error trying to run system-config-selinux:

[root@electron ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        targeted
[root@electron ~]# system-config-selinux
could not open interface info [/var/lib/sepolgen/interface_info]
[root@electron ~]#
Comment 9 Daniel Walsh 2011-04-15 15:57:30 UTC 
does 

# sepolgen-ifgen

return errors.
Comment 10 Harry DePoy 2011-04-15 16:13:50 UTC 
No it does not.
Comment 11 Daniel Walsh 2011-04-15 17:26:28 UTC 
Does /var/lib/sepolgen/interface_info exist now?
Comment 12 Harry DePoy 2011-04-15 17:38:33 UTC 
It does exist.
Comment 13 Harry DePoy 2011-04-15 17:39:47 UTC 
Now system-config-selinux runs!
Comment 14 Harry DePoy 2011-04-15 18:06:52 UTC 
I just finished creating the policy module, so far it is working. I was able to enable Selinux via the GUI on RHES5. This time I had to edit the /etc/selinux/config then reboot twice. Shouldn't I be able to work with system-config-selinux without making the config file edit?
Comment 15 Harry DePoy 2011-04-15 21:30:04 UTC 
Thanks all. by the way Daniel, it is your article I used as the procedure to build the policy module.

Harry
Comment 16 Daniel Walsh 2011-04-18 15:27:20 UTC 
Yes  this is a bug in policycoreutils. you should be able to at least run the app to turn SELinux on on a disabled system.
Comment 17 Daniel Walsh 2011-05-26 14:42:08 UTC 
Fixed in policycoreutils-2.0.83-19.2.el6
Comment 21 errata-xmlrpc 2011-12-06 15:30:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1637.html
Note You need to log in before you can comment on or make changes to this bug.