[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide selinux-policy-strict whoopsage...



Valdis Kletnieks vt edu wrote:
On Fri, 03 Feb 2006 13:19:52 EST, Valdis Kletnieks vt edu said:

Committing changes:
libsepol.check_assertion_helper: assertion on line 0 violated by allow user_sudo_t user_sudo_t:process { setcurrent };
libsepol.check_assertion_helper: assertion on line 0 violated by allow staff_sudo_t staff_sudo_t:process { setcurrent };
libsepol.check_assertion_helper: assertion on line 0 violated by allow sysadm_sudo_t sysadm_sudo_t:process { setcurrent };
libsepol.check_assertions: 3 assertion violations occured
libsemanage.semanage_expand_sandbox: Expand module failed
semodule:  Failed!

Follow-up - moving sudo.pp out of the way gets me this:

Committing changes:
/etc/selinux/strict/contexts/files/file_contexts: Multiple same specifications for /usr/sbin/sendmail.postfix.
/etc/selinux/strict/contexts/files/file_contexts: Multiple different specifications for /var/spool/postfix(/.*)?  (system_u:object_r:postfix_spool_t:s0 and system_u:object_r:mail_spool_t:s0).
genhomedircon:  Warning!  No support yet for expanding ROLE macros in the /etc/selinux/strict/contexts/files/homedir_template file when using libsemanage.
genhomedircon:  You must manually update file_contexts.homedirs for any non-user_r users (including root).
Ok: transaction number 101.

Not perfect, but at least I'm back to running a functional 'strict' and only chasing
quirks rather than total failures. ;)


Those are fixed in tonights rawhide. Currently available on ftp://people.redhat.com/dwalsh/SELinux/Fedora

I am not seeing the sudo problems???


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]