75748 – (selinux) libselinux incorect file paths

Bug 75748 - (selinux) libselinux incorect file paths

Summary: (selinux) libselinux incorect file paths

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	All Linux

Importance:	High normal
Assignee:	Chris PeBenito (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-12-26 20:51 UTC by Jared Thomas
Modified:	2005-01-23 18:23 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
seinfo strace log (seinfo-trace.log,3.08 KB, application/octet-stream) 2004-12-26 21:47 UTC, Jared Thomas	Details
selinuxconfig strace log (selinuxconfig-trace.log,3.31 KB, application/octet-stream) 2004-12-26 21:48 UTC, Jared Thomas	Details
seuser strace log (seuser-trace.log,3.62 KB, application/octet-stream) 2004-12-26 21:48 UTC, Jared Thomas	Details
Proposed patch to libselinux (compatiblepath.patch,1.64 KB, patch) 2004-12-26 21:50 UTC, Jared Thomas	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jared Thomas 2004-12-26 20:51:04 UTC

libselnux generates the paths for selinux security related tools such as seuser and seinfo from unsupported policy paths ( i.e.  the paths used in redhat et al not the paths in gentoo base policy)  issue any of the commands below in "steps to reproduce" and they always produce a error related to the path as shown in the attached strace log

Reproducible: Always
Steps to Reproduce:
1.seuser
2.seinfo
3.selinuxconfig


Actual Results:  
errors out or gives paths to non-existant files

Expected Results:  
produce no errors or give the correct path.

Comment 1 Jared Thomas 2004-12-26 21:47:33 UTC

Created attachment 46936 [details]
seinfo strace log

Comment 2 Jared Thomas 2004-12-26 21:48:18 UTC

Created attachment 46937 [details]
selinuxconfig strace log

Comment 3 Jared Thomas 2004-12-26 21:48:36 UTC

Created attachment 46938 [details]
seuser strace log

Comment 4 Jared Thomas 2004-12-26 21:50:16 UTC

Created attachment 46939 [details, diff]
Proposed patch to libselinux

applies to libselinux-1.18

Comment 5 Chris PeBenito (RETIRED) gentoo-dev

2004-12-27 11:30:58 UTC

If you have a /etc/selinux directory or symlink that points to a directory, libselinux will use the new /etc/selinux directory scheme.  Otherwise it will use /etc/security/selinux.  You need to remove /etc/selinux.

Comment 6 Jared Thomas 2004-12-27 19:02:52 UTC

there is no file symlink or directory iat "/etc/selinux" redhat uses that scheme and libselinux has been designed to work with they're strict or targeted policy. the original style was /etc/security and libselinux appends "/etc/security" with "/selinux" dependant on what libselinux call is being made. can you please reverify.

Comment 7 Chris PeBenito (RETIRED) gentoo-dev

2005-01-23 18:23:48 UTC

This is a problem with setools that should hopfully be fixed in the next release