Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 541990 - sys-libs/libsemanage-2.4 - semanage_migrate_store requires setfscreate permission
Summary: sys-libs/libsemanage-2.4 - semanage_migrate_store requires setfscreate permis...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Sven Vermeulen (RETIRED)
URL:
Whiteboard: sec-policy r4
Keywords:
Depends on:
Blocks:
 
Reported: 2015-03-03 15:17 UTC by Sven Vermeulen (RETIRED)
Modified: 2015-04-16 18:47 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sven Vermeulen (RETIRED) gentoo-dev 2015-03-03 15:17:35 UTC
$ /usr/libexec/selinux/semanage_migrate_store 
Error creating /var/lib/selinux

Denial:
type=AVC msg=audit(1425388830.408:108): avc:  denied  { setfscreate } for  pid=7630 comm="semanage_migrat" scontext=root:sysadm_r:semanage_t:s0 tcontext=root:sysadm_r:semanage_t:s0 tclass=process permissive=0

With setfscreate; granted:

$ /usr/libexec/selinux/semanage_migrate_store 
Migrating from /etc/selinux/mcs/modules/active to /var/lib/selinux/mcs/active
Attempting to rebuild policy from /var/lib/selinux


Reproducible: Always
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2015-03-03 15:19:19 UTC
Fixed in repo, will be in rev4
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2015-03-22 13:52:52 UTC
Now in repo, ~arch
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2015-04-16 18:47:29 UTC
r4 is stable