semanage error when upgrading to RHEL 6.5

Andy Ruch adruch2002 at yahoo.com
Thu Feb 20 20:46:36 UTC 2014 




On Thursday, February 20, 2014 1:38 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>On 02/19/2014 11:56 AM, Andy Ruch wrote:
>> Hello,
>> 
>> I have a policy that was originally written for RHEL 6.2. I’m now trying
>> to upgrade to RHEL 6.5 and I’m having problems with semanage. I can install
>> a fresh RHEL 6.5 system with the targeted policy and everything works fine.
>> I then uninstall the targeted policy and install my policy and I can’t link
>> the linux user and selinux user.
>> 
>>>> semanage user –a -R sysadm_r -R staff_r -r s0-s0:c0.c1023 testuser_u 
>>>> useradd -G wheel testuser semanage login -a -r s0-s0:c0.c1023 -s
>>>> testuser_u testuser
>> libsemanage.dbase_llist_query: could not query record value 
>> /usr/sbin/semanage: Could not query user for testuser
>> 
>> 
>> I have the RHEL 6.5 source code for libsemanage and the targeted policy but
>> so far I haven't been able to find differences that would affect this
>> problem. Could someone please point me in the right direction as far as
>> what semanage is expecting?  What would prevent libsemanage from querying
>> for the user?
>> 
>> Thanks, Andy
>> 
>> 
>> -- selinux mailing list selinux at lists.fedoraproject.org 
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>> 
>What does semanage login -l and semanage user -l show?
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1
>Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
>iEYEARECAAYFAlMGZ6gACgkQrlYvE4MpobPPDACfZf1lDin/LicVoZbykbsMS2rX
>OuoAoIIa11SrGGVgJiFblx4aCFjPWF9o
>=iiCj
>-----END PGP SIGNATURE-----
>

semanage user -l shows:


                Labeling   MLS/       MLS/                          
SELinux User    Prefix     MCS Level  MCS Range                      SELinux Roles

root            user       s0         s0-s0:c0.c1023                 system_r
system_u        user       s0         s0-s0:c0.c1023                 system_r
testuser_u      user       s0         s0-s0:c0.c1023                 staff_r sysadm_r
user_u          user       s0         s0                             user_r



semanage login -l shows:


Login Name                SELinux User              MLS/MCS Range            

root                      root                      s0-s0:c0.c1023           
system_u                  system_u                  s0-s0:c0.c1023          

More information about the selinux mailing list