Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 541990

Summary: sys-libs/libsemanage-2.4 - semanage_migrate_store requires setfscreate permission
Product: Gentoo Linux Reporter: Sven Vermeulen (RETIRED) <swift>
Component: SELinuxAssignee: Sven Vermeulen (RETIRED) <swift>
Status: RESOLVED FIXED    
Severity: normal CC: selinux
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: sec-policy r4
Package list:
Runtime testing required: ---

Description Sven Vermeulen (RETIRED) gentoo-dev 2015-03-03 15:17:35 UTC 
$ /usr/libexec/selinux/semanage_migrate_store 
Error creating /var/lib/selinux

Denial:
type=AVC msg=audit(1425388830.408:108): avc:  denied  { setfscreate } for  pid=7630 comm="semanage_migrat" scontext=root:sysadm_r:semanage_t:s0 tcontext=root:sysadm_r:semanage_t:s0 tclass=process permissive=0

With setfscreate; granted:

$ /usr/libexec/selinux/semanage_migrate_store 
Migrating from /etc/selinux/mcs/modules/active to /var/lib/selinux/mcs/active
Attempting to rebuild policy from /var/lib/selinux


Reproducible: Always
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2015-03-03 15:19:19 UTC 
Fixed in repo, will be in rev4
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2015-03-22 13:52:52 UTC 
Now in repo, ~arch
Comment 3 Sven Vermeulen (RETIRED) gentoo-dev 2015-04-16 18:47:29 UTC 
r4 is stable