Your message dated Sun, 12 Jul 2009 10:32:27 -0500
with message-id <87prc5rk6s....@anzu.internal.golden-gryphon.com>
and subject line This has been fixed in the new policy upload
has caused the Debian Bug report #498965,
regarding dbus_bus_get(): An SELinux policy prevents this sender from sending
this message to this recipient
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
498965: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498965
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: selinux-policy-default
Version: 2:0.0.20080702-7
Severity: critical
Justification: breaks unrelated software
Hello,
It seems that some SELinux policy prevents hal from starting:
bounty:/# invoke-rc.d hal start
Starting Hardware abstraction layer: haldinvoke-rc.d: initscript hal,
action "start" failed.
bounty:/# hald --daemon=no --verbose=yes
00:08:02.145 [I] hald.c:669: hal 0.5.11
00:08:02.145 [I] hald.c:734: Will not daemonize
00:08:02.145 [I] hald_dbus.c:5381: local server is listening at
unix:abstract=/var/run/hald/dbus-Taiqx8gvk9,guid=e5eb7f12c69f20514e282eea48cd7d32
00:08:02.147 [E] hald_dbus.c:5747: dbus_bus_get(): An SELinux policy
prevents this sender from sending this message to this recipient
(rejected message had interface "org.freedesktop.DBus" member "Hello"
error name "(unset)" destination "org.freedesktop.DBus")
It seems the problems appeared after upgrading these (related) packages:
2008-09-14 17:30:24 upgrade hal 0.5.11-2 0.5.11-3
2008-09-14 21:35:38 upgrade libhal1 0.5.11-2 0.5.11-3
2008-09-14 21:35:38 upgrade libhal-storage1 0.5.11-2 0.5.11-3
2008-09-14 22:50:52 upgrade pulseaudio-module-hal 0.9.10-2 0.9.10-3
2008-09-14 17:30:30 upgrade selinux-utils 2.0.65-2 2.0.65-4
2008-09-14 17:30:31 upgrade setools 2.4-3 3.3.5.ds-1
2008-09-14 21:35:26 upgrade libselinux1-dev 2.0.65-2 2.0.65-4
2008-09-14 21:35:27 upgrade libselinux1 2.0.65-2 2.0.65-4
I tried upgrading to more recent versions from sid, but I have the same
issue:
2008-09-14 23:51:06 upgrade selinux-policy-default 2:0.0.20080702-6
2:0.0.20080702-7
2008-09-14 23:51:10 upgrade setools 3.3.5.ds-1 3.3.5.ds-3
2008-09-14 23:51:11 upgrade libsetools-tcl 3.3.5.ds-1 3.3.5.ds-3
2008-09-14 23:51:14 upgrade selinux-basics 0.3.3+nmu4 0.3.4
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (900, 'testing'), (500, 'stable'), (10, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=ro_RO.UTF-8, LC_CTYPE=ro_RO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-policy-default depends on:
ii libpam-modules 1.0.1-4+b1 Pluggable Authentication Modules f
ii libselinux1 2.0.65-4 SELinux shared libraries
ii libsepol1 2.0.30-2 Security Enhanced Linux policy lib
ii policycoreutils 2.0.49-5 SELinux core policy utilities
ii python 2.5.2-2 An interactive high-level object-o
Versions of packages selinux-policy-default recommends:
ii checkpolicy 2.0.16-1 SELinux policy compiler
ii setools 3.3.5.ds-3 tools for Security Enhanced Linux
Versions of packages selinux-policy-default suggests:
pn logcheck <none> (no description available)
pn syslog-summary <none> (no description available)
-- no debconf information
--
Regards,
EddyP
=============================================
"Imagination is more important than knowledge" A.Einstein
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Format: 1.8
Date: Mon, 22 Jun 2009 02:42:42 -0500
Source: refpolicy
Binary: selinux-policy-default selinux-policy-mls selinux-policy-src
selinux-policy-dev selinux-policy-doc
Architecture: source all
Version: 2:0.0.20090621-1
Distribution: unstable
Urgency: low
Maintainer: Russell Coker <russ...@coker.com.au>
Changed-By: Manoj Srivastava <sriva...@debian.org>
Description:
selinux-policy-default - Strict and Targeted variants of the SELinux policy
selinux-policy-dev - Headers from the SELinux reference policy for building
modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
Changes:
refpolicy (2:0.0.20090621-1) unstable; urgency=low
.
* New upstream snapshot.
- Greylist milter from Paul Howarth.
- Crack db access for su to handle password expiration, from Brandon
Whalen.
- Misc fixes for unix_update from Brandon Whalen.
- Add x_device permissions for XI2 functions, from Eamon Walsh.
- MLS constraints for the x_selection class, from Eamon Walsh.
- Postgresql updates from KaiGai Kohei.
- Milter state directory patch from Paul Howarth.
- Add MLS constrains for ingress/egress and secmark from Paul Moore.
- Drop write permission from fs_read_rpc_sockets().
- Remove unused udev_runtime_t type.
- Patch for RadSec port from Glen Turner.
- Enable network_peer_controls policy capability from Paul Moore.
- Btrfs xattr support from Paul Moore.
- Add db_procedure install permission from KaiGai Kohei.
- Add support for network interfaces with access controlled by a Boolean
from the CLIP project.
- Several fixes from the CLIP project.
- Add support for labeled Booleans.
- Remove node definitions and change node usage to generic nodes.
- Add kernel_service access vectors, from Stephen Smalley.
- Added modules:
certmaster (Dan Walsh)
git (Dan Walsh)
gpsd (Miroslav Grepl)
guest (Dan Walsh)
ifplugd (Dan Walsh)
lircd (Miroslav Grepl)
logadm (Dan Walsh)
pingd (Dan Walsh)
psad (Dan Walsh)
portreserve (Dan Walsh)
ulogd (Dan Walsh)
webadm (Dan Walsh)
xguest (Dan Walsh)
zosremote (Dan Walsh)
.
- Fix consistency of audioentropy and iscsi module naming.
- Debian file context fix for xen from Russell Coker.
- Xserver MLS fix from Eamon Walsh.
- Add omapi port for dhcpcd.
- Deprecate per-role templates and rolemap support.
- Implement user-based access control for use as role separations.
- Move shared library calls from individual modules to the domain module.
- Enable open permission checks policy capability.
- Remove hierarchy from portage module as it is not a good example of
hieararchy.
- Remove enableaudit target from modular build as semodule -DB supplants
it.
- Added modules:
milter (Paul Howarth)
* Sync'd with Russell Coker
Checksums-Sha1:
01a30c55721b92eea1e5f833a0165d5599350f62 1483 refpolicy_0.0.20090621-1.dsc
673b5eb3a76c8240a7a7bbcb6ab418e2fdef5e11 514682
refpolicy_0.0.20090621.orig.tar.gz
598f5811eafd0799a55fcaf592480b10733dbeab 93859 refpolicy_0.0.20090621-1.diff.gz
9631ad144d3a0754f3039b55c5008002dc0efb0c 3957810
selinux-policy-default_0.0.20090621-1_all.deb
2701fd3cfff907610f0819b9723197b4419fadf1 3960202
selinux-policy-mls_0.0.20090621-1_all.deb
9412cf1a23a76fa2015a7e1d2bf0774ac4d614af 841422
selinux-policy-src_0.0.20090621-1_all.deb
eef9ba8130de87d973e7da9ee3493b6945987366 679456
selinux-policy-dev_0.0.20090621-1_all.deb
7dd46a367443e1e6ef17642dfe351160fee3f3c7 457936
selinux-policy-doc_0.0.20090621-1_all.deb
Checksums-Sha256:
0737a5c8b8965b38a418ada9c90715499562d718792713a984a489941943df24 1483
refpolicy_0.0.20090621-1.dsc
2c23a15346f036e18cb7da0cc2961a823b325c691f685651efde86bf6d380197 514682
refpolicy_0.0.20090621.orig.tar.gz
f220d918acb94ae9c3548488654bc74edc581ad102bd8f3285a5e9967282b91c 93859
refpolicy_0.0.20090621-1.diff.gz
280ebf5daf940a87d1e9c696183d1f9cd37e8cd2e0b8ce97cceffa05ab9ad19b 3957810
selinux-policy-default_0.0.20090621-1_all.deb
dec8c8df05bbfb1d9cdaf4879c0c738f25ef71cff4e55bf89bbbc55c9a2eb9f0 3960202
selinux-policy-mls_0.0.20090621-1_all.deb
291754307a54839735fe3aeed19cd8cc0ba19c741210fb973dbf86cf8979e627 841422
selinux-policy-src_0.0.20090621-1_all.deb
75e51b3b6f9fe9140576218dcc19cba8e93039833d81280c7572f564d9f50797 679456
selinux-policy-dev_0.0.20090621-1_all.deb
f38fab5c135020c5d23022d47efaf1eef14260bdc4845e0ce82f0f8765943cf5 457936
selinux-policy-doc_0.0.20090621-1_all.deb
Files:
27e52a719e256eb21ba1f636e8210598 1483 admin standard
refpolicy_0.0.20090621-1.dsc
82e02eca49f7404400ccf9c8cd0eff84 514682 admin standard
refpolicy_0.0.20090621.orig.tar.gz
d6e1284a10f2f0515668fb6e739dc0f4 93859 admin standard
refpolicy_0.0.20090621-1.diff.gz
7d14f975c4a82f3870b21ca720a841c0 3957810 admin standard
selinux-policy-default_0.0.20090621-1_all.deb
df34e6970d01750bd5847bfdfba7c78a 3960202 admin extra
selinux-policy-mls_0.0.20090621-1_all.deb
cbc3b248caf1808fb086eddb6ebb85ec 841422 admin optional
selinux-policy-src_0.0.20090621-1_all.deb
92079b5e6be28efa2ef26f220cdf4fb6 679456 admin optional
selinux-policy-dev_0.0.20090621-1_all.deb
e2d09cca2a488c7e8a7917f5c7ef0d20 457936 doc optional
selinux-policy-doc_0.0.20090621-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREDAAYFAkpACRgACgkQIbrau78kQkyiSQCg6A4MzplkWjGIK/XZeRak2SDq
+5YAoIBUXJ5kytf0AIjA10qr5r+fXmv0
=1o2+
-----END PGP SIGNATURE-----
--
Look afar and see the end from the beginning.
Manoj Srivastava <sriva...@acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--- End Message ---
