Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora SELinux Support (http://www.linux-archive.org/fedora-selinux-support/)
-   -   error setting 'httpd_enable-homedirs' boolean in F16 (http://www.linux-archive.org/fedora-selinux-support/630848-error-setting-httpd_enable-homedirs-boolean-f16.html)

Tom London 02-09-2012 05:58 PM

error setting 'httpd_enable-homedirs' boolean in F16
 
I've convinced a pal at work to enable SELinux on his updated F16 home
'gateway' system.

He reports getting this:

bee(814)[~]# setsebool -P httpd_enable_homedirs true
libsepol.scope_copy_callback: passenger: Duplicate declaration in
module: type/attribute passenger_tmp_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file
or directory).
Could not change policy booleans


I didn't see anything like this in BZ.

Ring a bell?

[says the same in enforcing or permissive, and if the syntax is '=1'
instead of 'true'. *No messages in /var/log/messages.]

thanks,
tom

--
Tom London
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Daniel J Walsh 02-09-2012 06:01 PM

error setting 'httpd_enable-homedirs' boolean in F16
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/09/2012 01:58 PM, Tom London wrote:
> I've convinced a pal at work to enable SELinux on his updated F16
> home 'gateway' system.
>
> He reports getting this:
>
> bee(814)[~]# setsebool -P httpd_enable_homedirs true
> libsepol.scope_copy_callback: passenger: Duplicate declaration in
> module: type/attribute passenger_tmp_t (No such file or
> directory). libsemanage.semanage_link_sandbox: Link packages failed
> (No such file or directory). Could not change policy booleans
>
>
> I didn't see anything like this in BZ.
>
> Ring a bell?
>
> [says the same in enforcing or permissive, and if the syntax is
> '=1' instead of 'true'. No messages in /var/log/messages.]
>
> thanks, tom
>
Looks like an update problem. See if there is a file named
passanger.pp and remove it.

semodule -r passanger




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk80F+0ACgkQrlYvE4MpobNF+QCgzsYreBuD7V F4fXMBC2vSnPlH
NfMAoLsVIkHZF/Te2su0TPk0uH0yCb/x
=arr5
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Tom London 02-09-2012 06:56 PM

error setting 'httpd_enable-homedirs' boolean in F16
 
On Thu, Feb 9, 2012 at 11:01 AM, Daniel J Walsh <dwalsh@redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/09/2012 01:58 PM, Tom London wrote:
>> I've convinced a pal at work to enable SELinux on his updated F16
>> home 'gateway' system.
>>
>> He reports getting this:
>>
>> bee(814)[~]# setsebool -P httpd_enable_homedirs true
>> libsepol.scope_copy_callback: passenger: Duplicate declaration in
>> module: type/attribute passenger_tmp_t (No such file or
>> directory). libsemanage.semanage_link_sandbox: Link packages failed
>> (No such file or directory). Could not change policy booleans
>>
>>
>> I didn't see anything like this in BZ.
>>
>> Ring a bell?
>>
>> [says the same in enforcing or permissive, and if the syntax is
>> '=1' instead of 'true'. *No messages in /var/log/messages.]
>>
>> thanks, tom
>>
> Looks like an update problem. *See if there is a file named
> passanger.pp and remove it.
>
> semodule -r passanger
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk80F+0ACgkQrlYvE4MpobNF+QCgzsYreBuD7V F4fXMBC2vSnPlH
> NfMAoLsVIkHZF/Te2su0TPk0uH0yCb/x
> =arr5
> -----END PGP SIGNATURE-----

Whew.... Thanks for the start pointer.

I'm guessing he upgraded his host somehow to f16, and there were
(several) old .pp files left around (e.g., hal.pp, qpidd.pp,
passanger.pp, etc.).

Each time setsebool would complain, we would "rpm -qif XXXX" to see
that the file was not owned by any package, and would then remove it.

Now works.

Thanks!
tom

--
Tom London
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


All times are GMT. The time now is 05:02 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.