Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo Hardened (http://www.linux-archive.org/gentoo-hardened/)
-   -   SELinux Policy Difficulties (http://www.linux-archive.org/gentoo-hardened/704906-selinux-policy-difficulties.html)

Alex Brandt 09-17-2012 11:31 PM

SELinux Policy Difficulties
 
Hey Sven,

*

Thanks for all the help you've provided so far. I've hit a snag that I can't see the answer even though I'm sure it's something silly. I'm writing a policy for the openstack guest agent (specifically my rewrite of the agent). The agent code can be found on github: https://github.com/alunduil/singularity, and the policy can be found on github as well: https://github.com/alunduil/alunduil-overlay/tree/master/sec-policy/selinux-openstack-guest-agent/files/2.20120215

*

If you have time (I know you're busy this month), I'd love any suggestions you can provide on this policy but the problem I'm facing right now is that it doesn't want to start due to the following error in Enforcing mode:

*

singularity-selinux ~ # /etc/init.d/singularity start

Authenticating root.

Password:

* Starting singularity ...

/usr/bin/singularity: 'eselect python show' printed unrecognized value '

* start-stop-daemon: failed to start `/usr/bin/singularity'

* Failed to start singularity [ !! ]

* ERROR: singularity failed to start

*

The audit log is attached as enforcing-failed-start.audit.log.

*

The audit log for Permissive mode is also attached as permissive-succeeded-start.audit.log.

*

These logs were created with dontaudit off.

*

Any guidance you can provide would be greatly appreciated. If you need anymore information; please, let me know. Thanks in advance.

*

Sincerely,

*

--

Alex Brandt

Sales Engineer for Rackspace, RHCE

http://www.alunduil.com

*


All times are GMT. The time now is 07:15 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.