Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 922538

Summary: sys-apps/shadow: useradd fails to create user with -Z
Product: Gentoo Linux Reporter: Marc Schiffbauer <mschiff>
Component: SELinuxAssignee: SE Linux Bugs <selinux>
Status: CONFIRMED ---    
Severity: normal CC: gentoo
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Marc Schiffbauer gentoo-dev 2024-01-20 13:11:21 UTC
when using useradd -Z the command fails. The user is being created, but not $HOME (-m) and also not the user group

~ # useradd -mU -Z staff_u mschiff
SELinux policy not managed
useradd: handle.c:371: semanage_disconnect: Assertion `sh != NULL && sh->funcs != NULL && sh->funcs->disconnect != NULL' failed.
Aborted

~ # id -Z
root:sysadm_r:sysadm_t

~ # semanage user -l
SELinux User    SELinux Roles

root            staff_r sysadm_r
staff_u         staff_r sysadm_r
sysadm_u        sysadm_r
system_u        system_r
unconfined_u    unconfined_r
user_u          user_r

emerge --info
Portage 3.0.61 (python 3.11.7-final-0, default/linux/amd64/17.1/hardened/selinux, gcc-13, glibc-2.38-r9, 6.1.69-gentoo-dist x86_64)
=================================================================
System uname: Linux-6.1.69-gentoo-dist-x86_64-AMD_Ryzen_5_3600_6-Core_Processor-with-glibc2.38
KiB Mem:    65755852 total,  55662208 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Fri, 19 Jan 2024 23:00:01 +0000
Head commit of repository gentoo: c198f69e66547b5ba7d2ba1b9bae576ce93ee703
sh bash 5.1_p16-r6
ld GNU ld (Gentoo 2.41 p4) 2.41.0
app-misc/pax-utils:        1.3.5::gentoo
app-shells/bash:           5.1_p16-r6::gentoo
dev-build/autoconf:        2.71-r6::gentoo
dev-build/automake:        1.16.5-r1::gentoo
dev-build/cmake:           3.27.9::gentoo
dev-build/libtool:         2.4.7-r1::gentoo
dev-build/make:            4.4.1-r1::gentoo
dev-build/meson:           1.3.0-r2::gentoo
dev-lang/perl:             5.38.2-r1::gentoo
dev-lang/python:           3.11.7::gentoo, 3.12.1_p1::gentoo
dev-lang/rust-bin:         1.74.1::gentoo
sec-policy/selinux-base:   2.20231002-r2::gentoo
sys-apps/baselayout:       2.14-r1::gentoo
sys-apps/openrc:           0.53::gentoo
sys-apps/sandbox:          2.38::gentoo
sys-devel/binutils:        2.41-r3::gentoo
sys-devel/binutils-config: 5.5::gentoo
sys-devel/gcc:             13.2.1_p20230826::gentoo
sys-devel/gcc-config:      2.11::gentoo
sys-kernel/linux-headers:  6.1::gentoo (virtual/os-headers)
sys-libs/glibc:            2.38-r9::gentoo
sys-libs/libselinux:       3.5-r1::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    volatile: False
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes
    sync-rsync-extra-opts:
    sync-rsync-verify-max-age: 3

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE @BINARY-REDISTRIBUTABLE"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-march=native -O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pkgdir-inde
x-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox selinux sesandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -O2 -pipe"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LEX="flex"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
SHELL="/bin/bash"
USE="acl amd64 audit bzip2 caps cet cli crypt dist-kernel dri fortran gdbm hardened iconv ipv6 libtirpc multilib ncurses nls openmp pam pcre pic pie readline seccomp selinux split-usr ssl ssp test-rust unicode xattr xtpax zlib" ABI_X86="64" ADA_TARGET="
gnat_2021" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expir
es ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load me
mory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 aes avx avx2 f16c fma3 pclmul popcnt rdrand sha sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax
mtk3301 ntrip navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS
="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-1" POSTGRES_TARGETS="postgres15" PYTHON_SINGLE_TARGET="python3_11" PYTHON_TARGETS="python3_11" RUBY_TARGETS="ruby31" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy" XTAB
LES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, MAKEOPT
S, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS