Re: [gentoo-hardened] problem, Could not access sandbox base file - gentoo-hardened

From:	Toni Kaufmann <TOni.Kaufmann@×××.net>
To:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] problem, Could not access sandbox base file
Date:	Sun, 29 Jul 2007 10:45:46
Message-Id:	`20070729104354.125760@gmx.net`

1

Hello,

2

i've got the same problem, but i'm using the 2007.0-policy.

3

4

Is there any fix or workaround for that?

John Huttley wrote:

9

Hi,

10

11

	I've got this....

12

13

	# semodule -B

14

15

	libsemanage.semanage_link_sandbox: Could not access sandbox base file /etc/selinux/strict/modules/tmp/base.pp.

16

17

	semodule:  Failed!

18

19

	.. problem also.

20

21

	However I have not been able to get it work in the manner described below..

22

	I'm using the selinux/2006.1 policy with a 2.6.20-hardened-r5  kernel.

23

24

	Does anyone have any other suggestions?

25

26

	--john

	?ukasz Sochanowski - Shipmedics wrote:

32

33

		it work thanks a lot

34

35

--

36

		?ukasz Sochanowski

37

		IT Manager      

38

39

		mobile: +48 605102382

40

41

		email: [EMAIL PROTECTED] IT Division email: [EMAIL PROTECTED] IT Division tel.: +48 91 485 18 16 IT Division fax: +48 91 880 80 74 SHIPMEDICS Ltd 24/7 Customer support hotline:

42

43

		+48 888 MEDICS (+48 888 633427)

44

45

		*********************************************

46

		SHIPMEDICS Ltd.

47

		ul. Wisniowa 34a

48

		71-496 Szczecin; POLAND

49

		tel.: +48 91 485 18 18

50

		fax:  +48 91 485 18 17

51

		email: [EMAIL PROTECTED]

52

		www.shipmedics.com

53

54

		VAT No./NIP: PL8512897664

55

		REGON: 812742693

56

		Capital/Kapital zakladowy: 125 000 PLN

57

		Court Name/Sad Rejestrowy:

58

		District Court in Szczecin/Sad Rejonowy w Szczecinie XVII Commercial Division 

59

		of the National Court Register/ XVII Wydzial Gospodarczy Krajowego Rejestru 

60

		Sadowego KRS Registration No./KRS: 0000226629

61

		*********************************************

62

63

		This e-mail and any files transmitted with it are confidential and intended 

64

		solely for the use of the individual or entity to whom they are addressed. If 

65

		you have received this e-mail in error, please destroy this message and kindly 

66

		notify the sender by reply e-mail.

		-----Original Message-----

71

72

		From: Petre Rodan [EMAIL PROTECTED] Sent: Tuesday, July 10, 2007 12:36 PM

73

74

		To: gentoo-hardened@l.g.o

75

		Subject: Re: [gentoo-hardened] problem

76

77

78

Hi,

79

80

		On Tue, Jul 10, 2007 at 11:35:31AM +0200, ?ukasz Sochanowski - Shipmedics wrote:

81

82

Hi,

83

84

			I have a problem concerning SElinux on gentoo.

85

86

			I`ve installed selinux from profile 2007.0 with managed policy, but when I try to load or reload modules, a problem emerges:

87

88

			# semodule -B

89

90

			libsemanage.semanage_link_sandbox: Could not access sandbox base file /etc/selinux/strict/modules/tmp/base.pp.

91

92

			semodule:  Failed!

93

94

			# emerge selinux-base-policy

95

			 * Inserting base module into strict module store.

96

97

			libsemanage.semanage_exec_prog: Child process /usr/sbin/load_policy did not exit cleanly.

98

99

			libsemanage.semanage_reload_policy: load_policy returned error code -1..

100

101

			libsemanage.semanage_install_active: Could not copy /etc/selinux/strict/modules/active/policy.kern to /etc/selinux/strict/policy/policy.21.

102

103

			semodule:  Failed!

104

			 * Inserting base module into targeted module store.

105

106

			libsemanage.semanage_exec_prog: Child process /sbin/setfiles did not exit cleanly.

107

108

			libsemanage.semanage_install_active: setfiles returned error code -1.

109

110

			libsemanage.semanage_install_active: Could not copy /etc/selinux/targeted/modules/active/policy.kern to /etc/selinux/targeted/policy/policy.21.

111

112

			semodule:  Failed!

113

114

		sounds like http://bugs.gentoo.org/show_bug.cgi?id=184520

115

116

		try to emerge portage-2.1.2.2 and then re-emerge your base-policy

			I really don`t know what to do now. Can someone help me fix this ?

121

122

			Regards

123

124

			max239

125

126

--

127

			[EMAIL PROTECTED] mailing list

128

129

		cheers,

130

		peter

131

132

--

133

		petre rodan

134

		<[EMAIL PROTECTED]>

135

		Developer,

136

137

		Hardened Gentoo Linux

138

--

139

Psssst! Schon vom neuen GMX MultiMessenger gehört?

140

Der kanns mit allen: http://www.gmx.net/de/go/multimessenger

141

--

142

gentoo-hardened@g.o mailing list

1	Hello,
2	i've got the same problem, but i'm using the 2007.0-policy.
3
4	Is there any fix or workaround for that?
5
6
7
8	John Huttley wrote:
9	Hi,
10
11	I've got this....
12
13	# semodule -B
14
15	libsemanage.semanage_link_sandbox: Could not access sandbox base file /etc/selinux/strict/modules/tmp/base.pp.
16
17	semodule: Failed!
18
19	.. problem also.
20
21	However I have not been able to get it work in the manner described below..
22	I'm using the selinux/2006.1 policy with a 2.6.20-hardened-r5 kernel.
23
24	Does anyone have any other suggestions?
25
26	--john
27
28
29
30
31	?ukasz Sochanowski - Shipmedics wrote:
32
33	it work thanks a lot
34
35	--
36	?ukasz Sochanowski
37	IT Manager
38
39	mobile: +48 605102382
40
41	email: [EMAIL PROTECTED] IT Division email: [EMAIL PROTECTED] IT Division tel.: +48 91 485 18 16 IT Division fax: +48 91 880 80 74 SHIPMEDICS Ltd 24/7 Customer support hotline:
42
43	+48 888 MEDICS (+48 888 633427)
44
45	*********************************************
46	SHIPMEDICS Ltd.
47	ul. Wisniowa 34a
48	71-496 Szczecin; POLAND
49	tel.: +48 91 485 18 18
50	fax: +48 91 485 18 17
51	email: [EMAIL PROTECTED]
52	www.shipmedics.com
53
54	VAT No./NIP: PL8512897664
55	REGON: 812742693
56	Capital/Kapital zakladowy: 125 000 PLN
57	Court Name/Sad Rejestrowy:
58	District Court in Szczecin/Sad Rejonowy w Szczecinie XVII Commercial Division
59	of the National Court Register/ XVII Wydzial Gospodarczy Krajowego Rejestru
60	Sadowego KRS Registration No./KRS: 0000226629
61	*********************************************
62
63	This e-mail and any files transmitted with it are confidential and intended
64	solely for the use of the individual or entity to whom they are addressed. If
65	you have received this e-mail in error, please destroy this message and kindly
66	notify the sender by reply e-mail.
67
68
69
70	-----Original Message-----
71
72	From: Petre Rodan [EMAIL PROTECTED] Sent: Tuesday, July 10, 2007 12:36 PM
73
74	To: gentoo-hardened@l.g.o
75	Subject: Re: [gentoo-hardened] problem
76
77
78	Hi,
79
80	On Tue, Jul 10, 2007 at 11:35:31AM +0200, ?ukasz Sochanowski - Shipmedics wrote:
81
82	Hi,
83
84	I have a problem concerning SElinux on gentoo.
85
86	I`ve installed selinux from profile 2007.0 with managed policy, but when I try to load or reload modules, a problem emerges:
87
88	# semodule -B
89
90	libsemanage.semanage_link_sandbox: Could not access sandbox base file /etc/selinux/strict/modules/tmp/base.pp.
91
92	semodule: Failed!
93
94	# emerge selinux-base-policy
95	* Inserting base module into strict module store.
96
97	libsemanage.semanage_exec_prog: Child process /usr/sbin/load_policy did not exit cleanly.
98
99	libsemanage.semanage_reload_policy: load_policy returned error code -1..
100
101	libsemanage.semanage_install_active: Could not copy /etc/selinux/strict/modules/active/policy.kern to /etc/selinux/strict/policy/policy.21.
102
103	semodule: Failed!
104	* Inserting base module into targeted module store.
105
106	libsemanage.semanage_exec_prog: Child process /sbin/setfiles did not exit cleanly.
107
108	libsemanage.semanage_install_active: setfiles returned error code -1.
109
110	libsemanage.semanage_install_active: Could not copy /etc/selinux/targeted/modules/active/policy.kern to /etc/selinux/targeted/policy/policy.21.
111
112	semodule: Failed!
113
114	sounds like http://bugs.gentoo.org/show_bug.cgi?id=184520
115
116	try to emerge portage-2.1.2.2 and then re-emerge your base-policy
117
118
119
120	I really don`t know what to do now. Can someone help me fix this ?
121
122	Regards
123
124	max239
125
126	--
127	[EMAIL PROTECTED] mailing list
128
129	cheers,
130	peter
131
132	--
133	petre rodan
134	<[EMAIL PROTECTED]>
135	Developer,
136
137	Hardened Gentoo Linux
138	--
139	Psssst! Schon vom neuen GMX MultiMessenger gehört?
140	Der kanns mit allen: http://www.gmx.net/de/go/multimessenger
141	--
142	gentoo-hardened@g.o mailing list

Gentoo Archives: gentoo-hardened