!equilibrium
Bodhisattva
Joined: 06 Jun 2004
Posts: 2109
Location: MI/BG/LC
|
 Posted: Sun Feb 20, 2005 5:16 pm Post subject: [SElinux] selinux-qmail error |
 |
|
i have a SElinux Gentoo server,
in the last days i have made a portage upgrade after a long time and updated some packages.
all worked perfect until i emerged the "selinux-qmail" package,
server return this error:
| Code: |
emerge -av qmail
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild N ] sec-policy/selinux-qmail-20041128 0 kB
[ebuild R ] mail-mta/qmail-1.03-r15 -noauthcram -notlsbeforeauth +selinux* +ssl 0 kB
Total size of downloads: 0 kB
Do you want me to merge these packages? [Yes/No]
>>> emerge (1 of 2) sec-policy/selinux-qmail-20041128 to /
>>> md5 files ;-) selinux-qmail-20041128.ebuild
>>> md5 files ;-) ChangeLog
>>> md5 files ;-) metadata.xml
>>> md5 files ;-) files/digest-selinux-qmail-20041128
>>> md5 src_uri ;-) selinux-qmail-20041128.tar.bz2
>>> Unpacking source...
>>> Unpacking selinux-qmail-20041128.tar.bz2 to /var/tmp/portage/selinux-qmail-20041128/work
>>> Source unpacked.
* Backup of policy source is "200502201802-selinux-qmail.tar.bz2".
>>> Test phase [not enabled]: sec-policy/selinux-qmail-20041128
>>> Install selinux-qmail-20041128 into /var/tmp/portage/selinux-qmail-20041128/image/ category sec-policy
man:
prepallstrip:
strip: i686-pc-linux-gnu-strip --strip-unneeded
>>> Completed installing selinux-qmail-20041128 into /var/tmp/portage/selinux-qmail-20041128/image/
>>> Merging sec-policy/selinux-qmail-20041128 to /
>>> Setting SELinux security labels
make: Entering directory `/etc/security/selinux/src/policy'
* Building file_contexts
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_etc_t on line number 1019
make: *** [/var/tmp/portage/selinux-qmail-20041128/temp/file_contexts] Error 1
make: Leaving directory `/etc/security/selinux/src/policy'
/usr/sbin/setfiles: read 831 specifications
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_etc_t on line number 1019
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_etc_t on line number 1020
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_spool_t on line number 1022
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_start_exec_t on line number 1023
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_lspawn_exec_t on line number 1024
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_tcp_env_exec_t on line number 1025
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_inject_exec_t on line number 1026
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_smtpd_exec_t on line number 1027
/usr/sbin/setfiles: invalid context system_u:object_r:qmail_queue_exec_t on line number 1028
Exiting after 10 errors.
!!! ERROR: sec-policy/selinux-qmail-20041128 failed.
!!! Function dyn_preinst, Line 1230, Exitcode 1
!!! Failed to set SELinux security labels.
!!! If you need support, post the topmost build error, NOT this status message.
!!! FAILED preinst: 1
|
the output of "sestatus -v" is:
| Code: |
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Policy version: 18
Policy booleans:
secure_mode inactive
ssh_sysadm_login inactive
user_ping inactive
Process contexts:
Current context: root:staff_r:staff_t
Init context: system_u:system_r:init_t
/sbin/agetty system_u:system_r:getty_t
/usr/sbin/sshd system_u:system_r:sshd_t
File contexts:
Controlling term: root:object_r:staff_devpts_t
/sbin/init system_u:object_r:init_exec_t
/sbin/agetty system_u:object_r:getty_exec_t
/bin/login system_u:object_r:login_exec_t
/sbin/rc system_u:object_r:initrc_exec_t
/sbin/runscript.sh system_u:object_r:initrc_exec_t
/usr/sbin/sshd system_u:object_r:sshd_exec_t
/sbin/unix_chkpwd system_u:object_r:chkpwd_exec_t
/etc/passwd system_u:object_r:etc_t
/etc/shadow system_u:object_r:shadow_t
/bin/sh system_u:object_r:bin_t -> system_u:object_r:shell_exec_t
/bin/bash system_u:object_r:shell_exec_t
/bin/sash system_u:object_r:shell_exec_t
/usr/bin/newrole system_u:object_r:newrole_exec_t
/lib/libc.so.6 system_u:object_r:lib_t -> system_u:object_r:shlib_t
/lib/ld-linux.so.2 system_u:object_r:lib_t -> system_u:object_r:ld_so_t
|
if i retry to merge "qmail" package, emerge tell me that "selinux-qmail" is an incomplete merge:
| Code: | emerge -av qmail
These are the packages that I would merge, in order:
Calculating dependencies ...done!
INCOMPLETE MERGE: /var/db/pkg/sec-policy/-MERGING-selinux-ucspi-tcp-20041211
INCOMPLETE MERGE: /var/db/pkg/sec-policy/-MERGING-selinux-qmail-20041128
[ebuild N ] sec-policy/selinux-qmail-20041128 0 kB
[ebuild R ] mail-mta/qmail-1.03-r15 -noauthcram -notlsbeforeauth +selinux* +ssl 0 kB
Total size of downloads: 0 kB
Do you want me to merge these packages? [Yes/No]
|
now i can't emerge nothing, all the emerge with SELinux enabled give me error about "qmail_etc_t" object not found.
what is wrong? how to fix this?
in the forum there is nothing about this error. i need help
_________________
Arch Tester for Gentoo/FreeBSD
Equilibrium's Universe
all my contents are released under the Creative Commons Licence by-nc-nd 2.5 |
|
Networking & Security
