Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 75748

Summary: (selinux) libselinux incorect file paths
Product: Gentoo Linux Reporter: Jared Thomas <thomas_chaos>
Component: HardenedAssignee: Chris PeBenito (RETIRED) <pebenito>
Status: RESOLVED UPSTREAM    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: seinfo strace log
selinuxconfig strace log
seuser strace log
Proposed patch to libselinux

Description Jared Thomas 2004-12-26 20:51:04 UTC 
libselnux generates the paths for selinux security related tools such as seuser and seinfo from unsupported policy paths ( i.e.  the paths used in redhat et al not the paths in gentoo base policy)  issue any of the commands below in "steps to reproduce" and they always produce a error related to the path as shown in the attached strace log

Reproducible: Always
Steps to Reproduce:
1.seuser
2.seinfo
3.selinuxconfig


Actual Results:  
errors out or gives paths to non-existant files

Expected Results:  
produce no errors or give the correct path.
Comment 1 Jared Thomas 2004-12-26 21:47:33 UTC 
Created attachment 46936 [details]
seinfo strace log
Comment 2 Jared Thomas 2004-12-26 21:48:18 UTC 
Created attachment 46937 [details]
selinuxconfig strace log
Comment 3 Jared Thomas 2004-12-26 21:48:36 UTC 
Created attachment 46938 [details]
seuser strace log
Comment 4 Jared Thomas 2004-12-26 21:50:16 UTC 
Created attachment 46939 [details, diff]
Proposed patch to libselinux

applies to libselinux-1.18
Comment 5 Chris PeBenito (RETIRED) gentoo-dev 2004-12-27 11:30:58 UTC 
If you have a /etc/selinux directory or symlink that points to a directory, libselinux will use the new /etc/selinux directory scheme.  Otherwise it will use /etc/security/selinux.  You need to remove /etc/selinux.
Comment 6 Jared Thomas 2004-12-27 19:02:52 UTC 
there is no file symlink or directory iat "/etc/selinux" redhat uses that scheme and libselinux has been designed to work with they're strict or targeted policy. the original style was /etc/security and libselinux appends "/etc/security" with "/selinux" dependant on what libselinux call is being made. can you please reverify.
Comment 7 Chris PeBenito (RETIRED) gentoo-dev 2005-01-23 18:23:48 UTC 
This is a problem with setools that should hopfully be fixed in the next release