Emerging checkpolicy 1.4-r1 according to the Gentoo SELinux Quick Start guide, checkpolicy gets an access violation error (see below) when installing its man page. Reproducible: Always Steps to Reproduce: 1.follow SELinux quick start guide 2.emerge checkpolicy 3.Access violation Actual Results: Last portion of emerge output: >>> Install checkpolicy-1.4-r1 into /var/tmp/portage/checkpolicy-1.4-r1/image/ category sys-apps mkdir -p /var/tmp/portage/checkpolicy-1.4-r1/image//usr/bin mkdir -p /usr/athena/man/man8 install -m 755 checkpolicy /var/tmp/portage/checkpolicy-1.4-r1/image//usr/bin pts/0 2336 install -m 644 checkpolicy.8 /usr/athena/man/man8 ACCESS DENIED open_wr: /usr/athena/man/man8/checkpolicy.8 install: cannot create regular file `/usr/athena/man/man8/checkpolicy.8': Permission denied make: *** [install] Error 1 man: prepallstrip: strip: strip: usr/bin/checkpolicy >>> Completed installing into /var/tmp/portage/checkpolicy-1.4-r1/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/tmp/sandbox-sys-apps_-_checkpolicy-1.4-r1-15854.log" open_wr: /usr/athena/man/man8/checkpolicy.8 -------------------------------------------------------------------------------- Expected Results: clean emerge [root@dot]$ emerge info !!! SELinux module not found. Please verify that it was installed. pts/0 2343 Portage 2.0.50-r3 (selinux-x86-1.4, gcc-3.3.2, glibc-2.3.2-r9, 2.6.5-mm1) ================================================================= System uname: 2.6.5-mm1 i586 AMD-K6(tm) 3D processor Gentoo Base System version 1.4.3.13 Autoconf: sys-devel/autoconf-2.58-r1 Automake: sys-devel/automake-1.8.3 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-march=k6-2 -O3 -pipe -fomit-frame-pointer" CHOST="i586-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=k6-2 -O3 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox sfperms strict" GENTOO_MIRRORS="ftp://gentoo.ccccom.com http://gentoo.ccccom.com http://mirrors.tds.net/gentoo ftp://csociety-ftp.ecn.purdue.edu/pub/gentoo/ http://mirror.tucdemonic.org/gentoo/" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow X509 aalib acl acpi apache2 apm berkdb cdr crypt cscope cups curl dga directfb fam fbcon gdbm gpm imap imlib innodb jpeg kerberos krb4 ldap libwww mad maildir memlimit mmx mpeg mysql ncurses oggvorbis opengl pam perl png ppds prelude python qt readline samba sasl selinux slang slp snmp ssl svga tcpd tiff truetype usb x86 xml xml2 zlib"
Similar error with policycoreutils-1.4-r1: >>> Install policycoreutils-1.4-r1 into /var/tmp/portage/policycoreutils-1.4-r1/image/ category sys-apps * Installing policycoreutils make: Entering directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4' make[1]: Entering directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/setfiles' [ -d /var/tmp/portage/policycoreutils-1.4-r1/image//usr/share/man/man8 ] || mkdir -p /var/tmp/portage/policycoreutils-1.4-r1/image//usr/share/man/man8 mkdir -p /var/tmp/portage/policycoreutils-1.4-r1/image//usr/sbin install -m 755 setfiles /var/tmp/portage/policycoreutils-1.4-r1/image//usr/sbin install -m 644 setfiles.8 /var/tmp/portage/policycoreutils-1.4-r1/image//usr/share/man/man8 make[1]: Leaving directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/setfiles' make[1]: Entering directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/load_policy' mkdir -p /var/tmp/portage/policycoreutils-1.4-r1/image//usr/sbin install -m 755 load_policy /var/tmp/portage/policycoreutils-1.4-r1/image//usr/sbin make[1]: Leaving directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/load_policy' make[1]: Entering directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/newrole' test -d /var/tmp/portage/policycoreutils-1.4-r1/image//usr/bin || install -m 755 -d /var/tmp/portage/policycoreutils-1.4-r1/image//usr/bin test -d /var/tmp/portage/policycoreutils-1.4-r1/image//etc/pam.d || install -m 755 -d /var/tmp/portage/policycoreutils-1.4-r1/image//etc/pam.d test -d /usr/athena/man/man1 || install -m 755 -d /usr/athena/man/man1 install -m 555 newrole /var/tmp/portage/policycoreutils-1.4-r1/image//usr/bin install -m 644 newrole.1 /usr/athena/man/man1/ ACCESS DENIED open_wr: /usr/athena/man/man1/newrole.1 install: cannot create regular file `/usr/athena/man/man1/newrole.1': Permission denied make[1]: *** [install] Error 1 make[1]: Leaving directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4/newrole' make: *** [install] Error 1 make: Leaving directory `/var/tmp/portage/policycoreutils-1.4-r1/work/policycoreutils-1.4' !!! ERROR: sys-apps/policycoreutils-1.4-r1 failed. !!! Function src_install, Line 56, Exitcode 2 !!! (no error message) --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/tmp/sandbox-sys-apps_-_policycoreutils-1.4-r1-16350.log" open_wr: /usr/athena/man/man1/newrole.1 --------------------------------------------------------------------------------
is this still happening for you on current selinux packages?
please reopen if this happens on current checkpolicy ebuilds.
I`ve got this error with checkpolicy-1.16 and policycoreutils-1.16 emerge info: Portage 2.0.51-r3 (selinux/2004.1/x86, gcc-3.4.1, glibc-2.3.4.20040808-r1, 2.6.10-gentoo-r2selinux i686) ================================================================= System uname: 2.6.10-gentoo-r2selinux i686 Pentium III (Coppermine) Gentoo Base System version 1.6.8 distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.3 [enabled] Autoconf: sys-devel/autoconf-2.59-r5 Automake: sys-devel/automake-1.8.5-r1 Binutils: sys-devel/binutils-2.15.90.0.1.1-r3 Headers: sys-kernel/linux26-headers-2.6.8.1-r1 Libtools: sys-devel/libtool-1.5.2-r7 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=pentium3 -O2 -pipe -mfpmath=sse,387 -frename-registers -mmmx -msse" CHOST="i686-pc-linux-gnu" COMPILER="" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/X11/Sessions /etc/default /etc/gconf /etc/sound /etc/terminfo /etc/xinetd.d /etc/env.d" CXXFLAGS="-march=pentium3 -O2 -pipe -mfpmath=sse,387 -frename-registers -mmmx -msse" DISTDIR="/mnt/share1/gentoo/distfiles" FEATURES="autoaddcvs autoconfig candy ccache distlocks fixpackages sandbox sfperms strict userpriv usersandbox" GENTOO_MIRRORS="http://mirror.gentoo.ru/pub/mirror/gentoo/ ftp://mirror.gentoo.ru/pub/mirror/gentoo/ ftp://gentoo.inode.at/source/ http://gd.tuwien.ac.at/opsys/linux/gentoo/ ftp://gd.tuwien.ac.at/opsys/linux/gentoo/" MAKEOPTS="-j2" PKGDIR="/mnt/share1/gentoo/packages" PORTAGE_TMPDIR="/mnt/share1/gentoo/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/mnt/share1/gentoo/portage/misc /mnt/share1/gentoo/portage/foreign" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="GAPING_SECURITY_HOLE S3TC X X509 Xaw3d aac aalib aavm accessibility acpi acpi4linux activefilter alsa ansi apache2 arts atm auctex audiofile avi bash-completion bdf beepmp berkdb bitmap-fonts blender-game bootspla bzip2 c++ cap cdparanoia cdr chroot codecs crypt cscope cups curl dedicated dga dhcp divx4linux dlopen dmx doc dv dvb dvd dvdr erandom exif ext-png ext-zlib extensions extlib faac faad fam fastcgi fb fbcon ffmpegflac fmod font-server fpx frascend freetype frlargefiles frxp fwdzone gcj gcl gd gdbm gif gimpprint ginac glep glut gmp gphoto2 gpm graphviz iconv icq idea imagemagick imap innkeywords innodb inntaggedhash ipv6 ithreads jabber java javascript jbig jce jikes jpeg junit kde kerberos krb4 ladcca lcms ldap libsamplerate live lufsusermount lzw-tiff mad maildir mailwrapper maps mbox mikmod mmap mmx mng motif mozdevelop moznoirc moznomail mozsvg mozxmlterm mpeg4 mpi mppe-mppc msn multipleip music mysql nagios-dns nagios-ntp nagios-ping nagios-s ncurses network nis nls nntp nocd nowin nptl ntlm nvidia oav objc oggvorbis ooo-kde opengl operanom2 oss pam parse-clocks pcap pcre pdflib perl pg-hier pg-intdatetime pg-vacuumdelay php pic pie plotutils png pnp posix postgres povray pthreads python qhull qt readline rogue samba sasl scanner sdk sdl selinux sftplogging silc silverxp skey slang slp smartcard sndfile snmp soap sockets socks5 sounds sox speedo speex spl sqlite src sse ssl stencil-buffer stroke svg sysvipc tcpd tetex theora threads tidy tiff tools transparent-proxy truetype-fonts type1-fonts unicode usb vda vhosts videos vim-with-x virus-scan wifi wmf wsconvert x86 xatrix xfs xine xml xml2 xmlrpc xpm xprint xrandr xsl xvid xvmc yp yv12 zlib linguas_ru"
I got the same error on sys-apps/checkpolicy-1.20. emerge --oneshot sys-apps/checkpolicy (Last part of output): >>> Install checkpolicy-1.20 into /var/tmp/portage/checkpolicy-1.20/image/ category sys-apps mkdir -p /var/tmp/portage/checkpolicy-1.20/image//usr/bin mkdir -p /usr/athena/man/man8 install -m 755 checkpolicy genpolusers /var/tmp/portage/checkpolicy-1.20/image//usr/bin install -m 644 checkpolicy.8 /usr/athena/man/man8 ACCESS DENIED unlink: /usr/athena/man/man8/checkpolicy.8 install: cannot remove `/usr/athena/man/man8/checkpolicy.8': Permission denied make: *** [install] Error 1 man: prepallstrip: strip: strip --strip-unneeded strip: strip --strip-unneeded usr/bin/checkpolicy usr/bin/genpolusers >>> Completed installing checkpolicy-1.20 into /var/tmp/portage/checkpolicy-1.20/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/tmp/sandbox-sys-apps_-_checkpolicy-1.20-3365.log" unlink: /usr/athena/man/man8/checkpolicy.8 -------------------------------------------------------------------------------- However, the following does work correctly (except for installing the man pages): FEATURES="-sandbox" emerge --oneshot sys-apps/checkpolicy bugsy root # epm -ql checkpolicy /usr/bin/checkpolicy /usr/bin/genpolusers
My problem happening on amd64 selinux 2005.1: >>> Install checkpolicy-1.28 into /var/tmp/portage/checkpolicy-1.28/image/ category sys-apps make -C test make[1]: Entering directory `/var/tmp/portage/checkpolicy-1.28/work/checkpolicy-1.28/test' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/var/tmp/portage/checkpolicy-1.28/work/checkpolicy-1.28/test' mkdir -p /var/tmp/portage/checkpolicy-1.28/image//usr/bin mkdir -p /usr/athena/man/man8 ACCESS DENIED mkdir: /usr/athena/man mkdir: cannot create directory `/usr/athena/man': Permission denied make: [install] Error 1 (ignored) install -m 755 checkpolicy checkmodule /var/tmp/portage/checkpolicy-1.28/image//usr/bin install -m 644 checkpolicy.8 /usr/athena/man/man8 ACCESS DENIED open_wr: /usr/athena/man/man8 install: cannot create regular file `/usr/athena/man/man8': Permission denied make: *** [install] Error 1 man: prepallstrip: strip: x86_64-pc-linux-gnu-strip --strip-unneeded usr/bin/checkpolicy usr/bin/checkmodule QA Notice: the following files contain runtime text relocations Text relocations require a lot of extra work to be preformed by the dynamic linker which will cause serious performance impact on IA-32 and might not function properly on other architectures hppa for example. If you are a programmer please take a closer look at this package and consider writing a patch which addresses this problem. TEXTREL usr/bin/checkpolicy TEXTREL usr/bin/checkmodule >>> Completed installing checkpolicy-1.28 into /var/tmp/portage/checkpolicy-1.28/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-sys-apps_-_checkpolicy-1.28-8845.log" mkdir: /usr/athena/man open_wr: /usr/athena/man/man8 -------------------------------------------------------------------------------- # emerge info !!! SELinux not loaded: SELinux is not enabled. Portage 2.0.54 (selinux/2005.1/amd64, gcc-3.4.4, glibc-2.3.5-r2, 2.6.14-hardened-r5 x86_64) ================================================================= System uname: 2.6.14-hardened-r5 x86_64 AMD Athlon(tm) 64 Processor 3200+ Gentoo Base System version 1.6.14 dev-lang/python: 2.3.5-r2, 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -O2 -fomit-frame-pointer -frerun-loop-opt -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=k8 -O2 -fomit-frame-pointer -frerun-loop-opt -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks loadpolicy sandbox selinux sfperms strict" GENTOO_MIRRORS="ftp://trumpetti.atm.tut.fi/gentoo/ http://gentoo.binarycompass.org ftp://ftp.uninett.no/pub/linux/Gentoo ftp://mirror.pudas.net/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="acpi aim aliaschain amd64 apache2 bash-completion berkdb bidi bzip2 chroot crypt cups curl doc emul-linux-x86 expat gdbm gif gmp gpm hardened icq idea imagemagick innodb ipv6 irc jabber java jpeg kerberos krb4 libclamav libwww loadpolicy mbox mhash mpeg msn ncurses nls nptl nptlonly oav pam pcre perl png ppds python quotas readline samba sasl selinux semanticfix sftplogging ssl tcpd tiff udev usb userlocales uudeview winbind xml xml2 yahoo zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
please paste `emerge info -v`
reopen
*** Bug 121663 has been marked as a duplicate of this bug. ***
ok, this isn't really a selinux bug, its a kth-krb bug. The env.d entry is using wrong variables for man and info pages, they should be MANPATH and INFOPATH, not MANDIR and INFODIR.
*** Bug 76958 has been marked as a duplicate of this bug. ***
still happens with policycoreutils 1.30-r1
Re-assign wrt Bug 136369.
*** Bug 145746 has been marked as a duplicate of this bug. ***
*** Bug 157019 has been marked as a duplicate of this bug. ***
kerberos, ping! A bit stale, huh? --- app-crypt/kth-krb/files/02kth-krb 2001-12-31 01:48:22.000000000 +0100 +++ app-crypt/kth-krb/files/02kth-krb 2006-12-03 22:58:31.000000000 +0100 @@ -1,5 +1,5 @@ PATH=/usr/athena/bin ROOTPATH=/usr/athena/sbin LDPATH=/usr/athena/lib -MANDIR=/usr/athena/man -INFODIR=/usr/athena/info +MANPATH=/usr/athena/man +INFOPATH=/usr/athena/info
fixed in cvs, apologies for the delay. I'm looking for new kerberos team members for Gentoo, by the way, so please contact me privately.