When asking sepolicy to get any information, a backtrace is shown: """ File "/usr/bin/sepolicy-2.7", line 63, in __call__ from sepolicy.network import domains File "/usr/lib64/python2.7/site-packages/sepolicy/network.py", line 44, in <module> portrecs, portrecsbynum = _gen_port_dict() File "/usr/lib64/python2.7/site-packages/sepolicy/network.py", line 31, in _gen_port_dict for i in info(sepolicy.PORT): File "/usr/lib64/python2.7/site-packages/sepolicy/__init__.py", line 182, in info dict_list = _policy.info(setype, name) RuntimeError: No such file or directory """ This is because the _policy code (policy.c) calls the wrap_info() (info.c), which calls info(), which calls get_ports(). The get_ports() eventually does the following check: """ if((range = apol_context_get_range(c)) == NULL) goto err; """ As a result, systems with no MLS support (like the targeted and strict that we use) break. Reproducible: Always
In main tree, ~arch'ed
Stabilized