From: Petr Lautrbach <lautrbach@redhat.com>
To: selinux@vger.kernel.org, "Christian Göttsche" <cgzones@googlemail.com>
Subject: Re: Regression in 92306daf5219 ("libselinux: rework selabel_file(5) database")
Date: Tue, 03 Dec 2024 15:08:58 +0100 [thread overview]
Message-ID: <87h67krh8l.fsf@redhat.com> (raw)
In-Reply-To: <87jzchqck5.fsf@redhat.com>
Petr Lautrbach <lautrbach@redhat.com> writes:
> Hi,
>
> with the current 3.8-rc1 release:
>
> [root@default-0 selinux]# semanage fcontext -a -t user_home_dir_t /tmp/test_dir
> [root@default-0 selinux]# semanage fcontext -l -C
> SELinux fcontext type Context
>
> /tmp/test_dir all files system_u:object_r:user_home_dir_t:s0
> [root@default-0 selinux]# semanage fcontext -D
> sefcontext_compile: sefcontext_compile.c:206: write_sidtab: Assertion `sids[0].id == 1' failed.
> libsemanage.semanage_exec_prog: Child process /usr/sbin/sefcontext_compile did not exit cleanly.
> libsemanage.sefcontext_compile: sefcontext_compile returned error code -1. Compiling /var/lib/selinux/final/targeted/contexts/files/file_contexts.local
> OSError: Error
[root@default-0 ~]# touch file_contexts
[root@default-0 ~]# sefcontext_compile -r file_contexts
sefcontext_compile: sefcontext_compile.c:206: write_sidtab: Assertion `sids[0].id == 1' failed.
Aborted (core dumped)
[root@default-0 ~]# cat > file_contexts <<EOF
# This file is auto-generated by libsemanage
# Do not edit directly.
/tmp/test_dir system_u:object_r:user_home_dir_t:s0
EOF
[root@default-0 ~]# sefcontext_compile -r file_contexts
[root@default-0 ~]#
>
> According to `git bisect` the first bad commit is:
>
> commit 92306daf5219e73f6e8bc9fc7699399457999bcd (HEAD)
> Author: Christian Göttsche <cgzones@googlemail.com>
> Date: Tue Nov 5 19:33:16 2024 +0100
>
> libselinux: rework selabel_file(5) database
>
>
> [root@default-0 selinux]# git checkout 92306daf5219e73f6e8bc9fc7699399457999bcd~
> Previous HEAD position was 92306daf libselinux: rework selabel_file(5) database
> HEAD is now at 90b1c237 libselinux: sidtab updates
>
> [root@default-0 selinux]# make clean; make distclean; make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel
> [root@default-0 selinux]# semanage fcontext -a -t user_home_dir_t /tmp/test_dir
> [root@default-0 selinux]# semanage fcontext -l -C
> SELinux fcontext type Context
>
> /tmp/test_dir all files system_u:object_r:user_home_dir_t:s0
> [root@default-0 selinux]# semanage fcontext -D
> [root@default-0 selinux]#
>
>
> PTAL
>
> Petr
prev parent reply other threads:[~2024-12-03 14:09 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-03 10:35 Regression in 92306daf5219 ("libselinux: rework selabel_file(5) database") Petr Lautrbach
2024-12-03 14:08 ` Petr Lautrbach [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h67krh8l.fsf@redhat.com \
--to=lautrbach@redhat.com \
--cc=cgzones@googlemail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.