3:28 p.m.
Since the update this morning when i try to build a package using
rpmbuild i obtain this kind of errors in the log :
Traitement des fichiers: libupnp-devel-1.4.0-1
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
someone could explain me why and how to solve this ?
Thanks
Eric
4:08 p.m.
Eric Tanguy wrote:
Since the update this morning when i try to build a package using
rpmbuild i obtain this kind of errors in the log :
Traitement des fichiers: libupnp-devel-1.4.0-1
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
someone could explain me why and how to solve this ?
Thanks
Eric
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
What policy rpm do you have installed?
rpm -q selinux-policy
1:18 a.m.
Le mardi 20 juin 2006 à 17:08 -0400, Daniel J Walsh a écrit :
Eric Tanguy wrote:
> Since the update this morning when i try to build a package using
> rpmbuild i obtain this kind of errors in the log :
> Traitement des fichiers: libupnp-devel-1.4.0-1
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
> file_contexts: invalid context system_u:object_r:usr_t
>
> someone could explain me why and how to solve this ?
> Thanks
> Eric
>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
What policy rpm do you have installed?
rpm -q selinux-policy
selinux-policy-2.2.43-4.fc5
but it seems it happened after the update of these packages :
libselinux.i386 1.30.3-3.fc5
libselinux-python.i386 1.30.3-3.fc5
4:07 p.m.
Le mercredi 21 juin 2006 à 08:18 +0200, Eric Tanguy a écrit :
Le mardi 20 juin 2006 à 17:08 -0400, Daniel J Walsh a écrit :
> Eric Tanguy wrote:
> > Since the update this morning when i try to build a package using
> > rpmbuild i obtain this kind of errors in the log :
> > Traitement des fichiers: libupnp-devel-1.4.0-1
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> > file_contexts: invalid context system_u:object_r:usr_t
> >
> > someone could explain me why and how to solve this ?
> > Thanks
> > Eric
> >
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list(a)redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >
> What policy rpm do you have installed?
>
> rpm -q selinux-policy
>
selinux-policy-2.2.43-4.fc5
but it seems it happened after the update of these packages :
libselinux.i386 1.30.3-3.fc5
libselinux-python.i386 1.30.3-3.fc5
In fact this problem seems quite serious and occurs each time i try to
build a package.
Eric
4:31 p.m.
On Tue, 2006-06-20 at 22:28 +0200, Eric Tanguy wrote:
Since the update this morning when i try to build a package using
rpmbuild i obtain this kind of errors in the log :
Traitement des fichiers: libupnp-devel-1.4.0-1
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
file_contexts: invalid context system_u:object_r:usr_t
someone could explain me why and how to solve this ?
Is this in a chroot?
If so, I suspect that this is a result of the !selinux_mnt patch to
libselinux; when I merged it upstream, I had to fix it to set errno
properly.
--
Stephen Smalley
National Security Agency
8:13 p.m.
Jason L Tibbitts III wrote:
>>>>> "SS" == Stephen Smalley
<sds(a)tycho.nsa.gov> writes:
>>>>>
SS> Is this in a chroot?
I am seeing the problem running a plain rpmbuild -ba, no chroot or
mock in sight.
- J<
Is this happening selinux disabled? There is a printf in libselinux
which is triggered when matchpatcon fails
to verify a file context via the kernel. If the kernel is not running
selinux this could happen.
Dan
12:51 a.m.
Le mercredi 21 juin 2006 à 20:17 -0500, Jason L Tibbitts III a écrit :
>>>>> "DJW" == Daniel J Walsh <Daniel>
writes:
DJW> Is this happening selinux disabled?
Indeed it is. These messages don't bother the package at all but they
did confuse me for a bit.
- J<
I see the problem for all packages i try to build
selinux is enabled
at this time i didn't see the same problem using mock
8:21 a.m.
On Wed, 2006-06-21 at 21:13 -0400, Daniel J Walsh wrote:
Jason L Tibbitts III wrote:
>>>>>> "SS" == Stephen Smalley <sds(a)tycho.nsa.gov>
writes:
>>>>>>
>
> SS> Is this in a chroot?
>
> I am seeing the problem running a plain rpmbuild -ba, no chroot or
> mock in sight.
>
> - J<
>
Is this happening selinux disabled? There is a printf in libselinux
which is triggered when matchpatcon fails
to verify a file context via the kernel. If the kernel is not running
selinux this could happen.
Normally that is suppressed because default_canoncon checks whether
security_canonicalize_context() returned with errno ENOENT
(i.e. /selinux/context didn't exist, as with SELinux disabled or in a
chroot). But the patch from Ian Kent for !selinux_mnt changes that
behavior unless those checks also set errno to ENOENT, which I added
upstream, but is _not_ in your FC5 backport.
--
Stephen Smalley
National Security Agency
12:27 p.m.
Stephen Smalley wrote:
On Wed, 2006-06-21 at 21:13 -0400, Daniel J Walsh wrote:
> Jason L Tibbitts III wrote:
>
>>>>>>> "SS" == Stephen Smalley <sds(a)tycho.nsa.gov>
writes:
>>>>>>>
>>>>>>>
>> SS> Is this in a chroot?
>>
>> I am seeing the problem running a plain rpmbuild -ba, no chroot or
>> mock in sight.
>>
>> - J<
>>
>>
> Is this happening selinux disabled? There is a printf in libselinux
> which is triggered when matchpatcon fails
> to verify a file context via the kernel. If the kernel is not running
> selinux this could happen.
>
Normally that is suppressed because default_canoncon checks whether
security_canonicalize_context() returned with errno ENOENT
(i.e. /selinux/context didn't exist, as with SELinux disabled or in a
chroot). But the patch from Ian Kent for !selinux_mnt changes that
behavior unless those checks also set errno to ENOENT, which I added
upstream, but is _not_ in your FC5 backport.
Fixed in libselinux-1_30_3-4_fc5
6515
days inactive
6517
days old
selinux@lists.fedoraproject.org
10 comments
4 participants
participants (4)
-
Daniel J Walsh -
Eric Tanguy -
Jason L Tibbitts III -
Stephen Smalley