This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 984484 - make setsebool error message saying boolean do not exist more user friendly
make setsebool error message saying boolean do not exist more user friendly
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: policycoreutils (Show other bugs)
6.4
All Linux
unspecified Severity low
: rc
: ---
Assigned To: Daniel Walsh
Michal Trunecka
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-15 07:18 EDT by Jan Hutař
Modified: 2014-09-30 19:35 EDT (History)
6 users (show)

See Also:
Fixed In Version: policycoreutils-2.0.83-19.32.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-11-21 06:08:13 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to make setsebool less verbose on errors. (3.08 KB, patch)
2013-07-16 13:05 EDT, Daniel Walsh
no flags Details | Diff

  None (edit)
Description Jan Hutař 2013-07-15 07:18:01 EDT
Description of problem:
When you attempt to enable some SELinux boolean which do not exist (e.g. you mistype its name), user unfriendly message is generated


Version-Release number of selected component (if applicable):
libselinux-2.0.94-5.3.el6_4.1.x86_64
selinux-policy-3.7.19-195.el6_4.12.noarch


How reproducible:
always


Steps to Reproduce:
1. # setsebool -P spacewalk_nfs_mountpointttt on


Actual results:
libsemanage.dbase_llist_set: record not found in the database (No such file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file or directory).
Could not change boolean spacewalk_nfs_mountpointttt
Could not change policy booleans


Expected results:
Some user friendly error message explaining the problem
Comment 3 Miroslav Grepl 2013-07-15 09:19:25 EDT
Probably should be discussed.
Comment 4 Daniel Walsh 2013-07-15 17:09:41 EDT
I just made a change to Upstream to do the following.

setsebool -P dan 1
Failed to change boolean dan: No such file or directory

setsebool -VP dan 1
libsemanage.dbase_llist_set: record not found in the database (No such file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file or directory).
Failed to change boolean dan: No such file or directory
Comment 5 Eric Paris 2013-07-16 11:27:17 EDT
Looks good to me....
Comment 6 Daniel Walsh 2013-07-16 13:05:25 EDT
Created attachment 774422 [details]
Patch to make setsebool less verbose on errors.

Miroslav if we are doing a policycoreutils update, this is probably worth back porting.

Fix is in RHEL7.
Comment 7 Miroslav Grepl 2013-07-17 05:56:06 EDT
Yes, there will be an update.
Comment 8 RHEL Product and Program Management 2013-07-17 06:11:08 EDT
This request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux release.  Product
Management has requested further review of this request by
Red Hat Engineering, for potential inclusion in a Red Hat
Enterprise Linux release for currently deployed products.
This request is not yet committed for inclusion in a release.
Comment 10 Michal Trunecka 2013-07-22 13:19:10 EDT
The new -V option should be in man page as well.
Comment 11 Daniel Walsh 2013-07-22 15:25:31 EDT
We have the -V in man page in RHEL7
Comment 12 Miroslav Grepl 2013-07-26 06:15:46 EDT
I apologize, I did not update the man page to reflect this change.
Comment 13 Miroslav Grepl 2013-08-08 10:47:26 EDT
Fixed in policycoreutils-2.0.83-19.32.el6
Comment 15 errata-xmlrpc 2013-11-21 06:08:13 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1608.html

Note You need to log in before you can comment on or make changes to this bug.