I'm trying to install qmail on a hardened system. One of it's deps is cmd5checkpw. This is what I get trying to emerge it: * Adding user 'cmd5checkpw' to your system ... * - Userid: 212 * - Shell: /bin/false * - Home: /dev/null * - Groups: bin useradd: cannot rewrite password file !!! ERROR: net-mail/cmd5checkpw-0.30 failed. !!! Function enewuser, Line 614, Exitcode 1 !!! enewuser failed !!! If you need support, post the topmost build error, NOT this status message. My emerge info: Portage 2.0.53 (selinux/2005.1/x86/hardened, gcc-3.4.4, glibc-2.3.5-r2, 2.6.14-hardened-r1 i686) ================================================================= System uname: 2.6.14-hardened-r1 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz Gentoo Base System version 1.6.13 ccache version 2.3 [enabled] dev-lang/python: 2.3.5, 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.20 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache distlocks loadpolicy sandbox selinux sfperms strict" GENTOO_MIRRORS="ftp://gentoo.po.opole.pl ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://gd.tuwien.ac.at/opsys/linux/gentoo/ ftp://ftp.sh.cvut.cz/MIRRORS/gentoo/gentoo" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="acpi apache2 apm bash-completion berkdb bzip2 crypt dlloader expat hardened hardenedphp jpeg libwww maildir memlimit mhash mmx mysql ncurses nls nptl pam pcre perl php pic png postgres python readline selinux sse ssl threads udev usb x86 zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
make sure your filesystem is labeled correctly and try again. make -C /etc/security/selinux/src/policy clean reload relabel dmesg -c emerge cmd5checkpw if it still fails, attach the avc messages from dmesg
(In reply to comment #1) > make sure your filesystem is labeled correctly and try again. > > make -C /etc/security/selinux/src/policy clean reload relabel > dmesg -c > emerge cmd5checkpw > > if it still fails, attach the avc messages from dmesg > I've spent some time digging and found that we have a policy problem on that machine. I haven't solved it yet, but after a reboot the package installed without complaining.