~# semanage login -a -s user_u user libsemanage.dbase_llist_query: could not query record value /usr/sbin/semanage: Error No denials in AVC log sys-apps/policycoreutils-2.1.13-r3 Reproducible: Always
Seems to be related to Python-3 support; using Python 2.7 it functions properly.
Another day of trying to figure this out. It seems like the error comes when semanage -> seobject.py -> semanage.py -> _semanage.semanage_user_query The _semanage stuff comes from the SWIG-generated _semanage.so. Printing out the arguments shows that the input initially (to semanage_user_key_create) is correct (like "user_u") and the key returned is always the same value (so it is not a regression from before where a double-free is invoked). I'm most likely going to insert some debugging statements in the semanage_user_key_create, semanage_user_exists & semanage_user_query functions in libsemanage to see where things might be going wrong. But the whole use of a key/record approach inside libsemanage/libsepol doesn't make it easy to debug...
Not fixed in the sense that it now works, but I marked policycoreutils to only support Python 2.7 (until upstream supports it).
In main tree, ~arch'ed
recent selinux userspace utilities are now stabilized