[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide selinux-policy-strict whoopsage...



On Thu, 02 Feb 2006 12:31:08 EST, Stephen Smalley said:
> On Thu, 2006-02-02 at 12:18 -0500, Valdis Kletnieks vt edu wrote:
> > 18 assertions.  This looks fixable....
> 
> Yes, that is actually a bug in the copying of assertions during module
> linking - no real assertions failed.  Should be fixed in libsepol
> 1.11.11.

I snagged libsepol-1.11.12 and selinux-policy-strict-2.2.9-2 and now we have:

...
Attempting to install module 'xserver.pp':
Ok: return value of 0.
Attempting to install module 'zebra.pp':
Ok: return value of 0.
Committing changes:
libsepol.check_assertion_helper: assertion on line 0 violated by allow user_sudo_t user_sudo_t:process { setcurrent };
libsepol.check_assertion_helper: assertion on line 0 violated by allow staff_sudo_t staff_sudo_t:process { setcurrent };
libsepol.check_assertion_helper: assertion on line 0 violated by allow sysadm_sudo_t sysadm_sudo_t:process { setcurrent };
libsepol.check_assertions: 3 assertion violations occured
libsemanage.semanage_expand_sandbox: Expand module failed
semodule:  Failed!

Looks like 1 issue left in sudo.pp generating 3 asserts (the upgrade to
libsepol 1.11.12 cleared 18 others).  Haven't dug in yet whether this is
another manifestation of the same/similar bug, or an actual sudo.pp issue. (in
either case, "on line 0" is a busticated message...)

Attachment: pgpt1EsEZ2s2m.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]