Issue with semodule after fedup to Fedora 19

David Highley <dhighley@xxxxxxxxxxxxxxxxxxxxxxx> · Sat, 10 Aug 2013 19:06:16 -0700 (PDT)

After doing a fedup upgrade process from Fedora 18 to Fedora 19 I'm
getting the following error when trying to install a local policy to fix
some avc issue:
semodule -i *.te
libsepol.module_package_read_offsets: wrong magic number for module
package:  expected 0xf97cff8f, got 0x75646f6d
libsemanage.parse_module_headers: Could not parse module data.
semodule:  Failed on my_sosreport.te!

The te file looks like this:
module my_sosreport 1.0;

require {
        type sosreport_t;
        type configfs_t;
        type devpts_t;
        type initctl_t;
        class chr_file { getattr };
        class dir { getattr };
        class fifo_file { getattr };
}

#============= sosreport_t ==============
allow sosreport_t configfs_t:dir getattr;
allow sosreport_t devpts_t:chr_file getattr;
allow sosreport_t initctl_t:fifo_file getattr;

The audit avc look like the following:
----
time->Sat Aug 10 16:38:22 2013
type=SYSCALL msg=audit(1376177902.497:110): arch=c000003e syscall=16
success=no 
exit=-65 a0=3 a1=8940 a2=7fff72ed5bf0 a3=7fff72ed59a0 items=0 ppid=3710
pid=3736
 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
ses=429
4967295 tty=(none) comm="brctl" exe="/usr/sbin/brctl"
subj=system_u:system_r:sos
report_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1376177902.497:110): avc:  denied  { module_request }
for  pi
d=3736 comm="brctl" kmod="bridge"
scontext=system_u:system_r:sosreport_t:s0-s0:c
0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=system
----
time->Sat Aug 10 16:38:22 2013
type=SYSCALL msg=audit(1376177902.968:111): arch=c000003e syscall=6
success=no e
xit=-13 a0=7fff425f9af0 a1=1dcd140 a2=1dcd140 a3=fffff800 items=0
ppid=3710 pid=
3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 ses
=4294967295 tty=(none) comm="ls" exe="/usr/bin/ls"
subj=system_u:system_r:sosrep
ort_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1376177902.968:111): avc:  denied  { getattr } for
pid=3764 
comm="ls" path="/dev/initctl" dev="devtmpfs" ino=8906
scontext=system_u:system_r
:sosreport_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initctl_t:s0
tclass=fifo_
file
----
----
time->Sat Aug 10 16:38:22 2013
type=SYSCALL msg=audit(1376177902.980:112): arch=c000003e syscall=6
success=no exit=-13 a0=7fff425f9af0 a1=1ddbb30 a2=1ddbb30 a3=fffffff8
items=0 ppid=3710 pid=3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="ls"
exe="/usr/bin/ls" subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023
key=(null)
type=AVC msg=audit(1376177902.980:112): avc:  denied  { getattr } for
pid=3764 comm="ls" path="/dev/pts/ptmx" dev="devpts" ino=2
scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
tcontext=system_u:object_r:devpts_t:s0 tclass=chr_file
----
time->Sat Aug 10 16:38:23 2013
type=SYSCALL msg=audit(1376177903.375:113): arch=c000003e syscall=4
success=no exit=-13 a0=2051cb0 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0
items=0 ppid=3710 pid=3772 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="df"
exe="/usr/bin/df" subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023
key=(null)
type=AVC msg=audit(1376177903.375:113): avc:  denied  { getattr } for
pid=3772 comm="df" path="/sys/fs/pstore" dev="pstore" ino=9238
scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
tcontext=system_u:object_r:pstorefs_t:s0 tclass=dir
----
time->Sat Aug 10 16:38:23 2013
type=SYSCALL msg=audit(1376177903.408:114): arch=c000003e syscall=4
success=no exit=-13 a0=2052470 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0
items=0 ppid=3710 pid=3772 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="df"
exe="/usr/bin/df" subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023
key=(null)
type=AVC msg=audit(1376177903.408:114): avc:  denied  { getattr } for
pid=3772 comm="df" path="/sys/kernel/config" dev="configfs" ino=15409
scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
tcontext=system_u:object_r:configfs_t:s0 tclass=dir
----
time->Sat Aug 10 16:38:24 2013
type=SYSCALL msg=audit(1376177904.575:115): arch=c000003e syscall=41
success=no exit=-13 a0=10 a1=80803 a2=f a3=d2be50 items=0 ppid=3710
pid=3803 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 ses=4294967295 tty=(none) comm="lsusb" exe="/usr/bin/lsusb"
subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1376177904.575:115): avc:  denied  { create } for
pid=3803 comm="lsusb"
scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
tclass=netlink_kobject_uevent_socket

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux