Package: policycoreutils Version: 1.28-6 Severity: normal I tried to load policy modules. I packaged the default policy into a base policy as described here: http://sepolicy-server.sourceforge.net/index.php?page=module-overview
Then I did this: #semodule -v -b base.pp I first got an error about missing seusers from /etc/selinux/./modules/active, so I copied it there. Then I ran the command again, and I got a segfault: Attempting to install base module '/etc/selinux/src/base.pp': Ok: return value of 0. Committing changes: Program received signal SIGSEGV, Segmentation fault Here it is the backtrace: Program received signal SIGSEGV, Segmentation fault. 0x000000306590bc24 in semanage_module_get_version () from /lib/libsemanage.so.1 (gdb) bt #0 0x000000306590bc24 in semanage_module_get_version () from /lib/libsemanage.so.1 #1 0x000000306591108c in semanage_seuser_iterate () from /lib/libsemanage.so.1 #2 0x0000003065907c5b in semanage_context_to_string () from /lib/libsemanage.so.1 #3 0x0000003065907239 in semanage_context_to_string () from /lib/libsemanage.so.1 #4 0x0000003065907859 in semanage_context_to_string () from /lib/libsemanage.so.1 #5 0x0000003065910e47 in semanage_seuser_iterate () from /lib/libsemanage.so.1 #6 0x000000306590c7ef in semanage_module_get_version () from /lib/libsemanage.so.1 #7 0x00000030659104d3 in semanage_reload_policy () from /lib/libsemanage.so.1 #8 0x0000003065909d58 in semanage_msg_set_callback () from /lib/libsemanage.so.1 #9 0x000000306590acd6 in semanage_commit () from /lib/libsemanage.so.1 #10 0x00000000004017f4 in ?? () #11 0x000000300d11c4ca in __libc_start_main () from /lib/libc.so.6 #12 0x00000000004011ca in ?? () #13 0x00007fffffdafcc8 in ?? () #14 0x00000030001179c0 in rtld_errno () from /lib64/ld-linux-x86-64.so.2 #15 0x0000000000000004 in ?? () #16 0x00007fffffdb0694 in ?? () #17 0x00007fffffdb06a7 in ?? () #18 0x00007fffffdb06aa in ?? () #19 0x00007fffffdb06ad in ?? () #20 0x0000000000000000 in ?? () Maybe semodule can't handle the debian selinux policy, so I downloaded the reference policy, built it as targeted, and modular. I installed it, and then tried loading the base module. Same segmentation fault. The contents of my seusers file is this (copied from reference policy/config/app-targeted/seusers): root:root __default__:user_u Is this correct? I found this thread http://www.nsa.gov/selinux/list-archive/0511/13542.cfm talking about the problem of migrating from monolithic to modular policy, and the need of creating seusers. I did create seusers, and I got that segfault. Maybe modular policy needs more files to be copied, does anybody know what else is needed? Anyway semanage shouldn't segfault if it misses some files, it should give an error message. Let me know if I can help you in fixing this bug (by providing more detailed information, testing patches, etc.) P.S.: Is the Debian BTS the proper place to file SELinux tools bugs? Thanks, Edwin -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-1-amd64-k8 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages policycoreutils depends on: ii libc6 2.3.6-5 GNU C Library: Shared libraries an ii libpam0g 0.79-3.1 Pluggable Authentication Modules l ii libselinux1 1.30-1 SELinux shared libraries ii libsemanage1 1.4-4 shared libraries used by SELinux p ii libsepol1 1.12-1 Security Enhanced Linux policy lib ii python2.4 2.4.2-2 An interactive high-level object-o ii python2.4-selinux 1.30-1 Python2.4 bindings to SELinux shar ii python2.4-semanage 1.4-4 Python2.4 bindings for SELinux po policycoreutils recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
