Hi Steve & co Will you be pushing out an rc3 release? If not, can I get the fix for this particular situation so I can continue testing? Wkr, Sven Vermeulen On Fri, Aug 29, 2014 at 4:22 PM, Steve Lawrence <slawrence@xxxxxxxxxx> wrote: > On 08/29/2014 10:14 AM, Stephen Smalley wrote: >> On 08/29/2014 10:00 AM, Sven Vermeulen wrote: >>> On Fri, Aug 29, 2014 at 2:56 PM, Steve Lawrence <slawrence@xxxxxxxxxx> wrote: >>>>>>>> Segmentation fault >>>>>> [...] >>>>>>> Can you provide a copy of your original policy prior to conversion? >>>>>> >>>>>> If you mean the policy.29 file, certainly. You can wget it from >>>>>> http://dev.gentoo.org/~swift/tmp/20140828-policy.29 >>>>> >>>>> No, the contents of /etc/selinux/mcs. The migration script converts the >>>>> old policy module store, not the final kernel policy file. >>>>> >>>> >>>> Hmm, I'm unable to reproduce this. I think the policy store that Stephen >>>> mentions will be help to reproduce it. >>>> >>> >>> Certainly. >>> >>> The policy store can be found at >>> http://dev.gentoo.org/~swift/tmp/20140829-etc-selinux-mcs.tar.gz >> >> Hmm...semanage_migrate_store worked for me on that policy store. >> >> Can you reproduce the fault? If so, can you get debug info? >> Build with debug flags and run semanage_migrate_store under valgrind, >> perhaps? >> > > We are able to get the segfault and have gotten a backtrace. It looks > like it has to do with how optionals are handled and how we reset state > when an optional is disabled. The fix in this particular case is pretty > simple, but I think we need to go through the rest of the reset state > code and ensure we aren't making similar mistakes. Might take a little > bit of time. > _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
