RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-26 16:02:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
149 Commits 4 Branches 723 Tags 22 MiB
C 74.6%
Python 16.2%
Roff 5.2%
SWIG 1.1%
Makefile 1.1%
Other 1.8%
c3c7ef9c65
Go to file
Stephen Smalley c3c7ef9c65 libsemanage issue with bzip-blocksize=0 and compressed modules in store 
On Mon, 2009-08-24 at 10:57 -0400, Chris PeBenito wrote:
> On Mon, 2009-08-24 at 10:04 -0400, Stephen Smalley wrote:
> > On Mon, 2009-08-24 at 09:54 -0400, Chris PeBenito wrote:
> > > I took the current release of libsemanage and added the patch to add a
> > > bzip blocksize option[1].  The modules in my store were already
> > > compressed with the stock release.  I put bzip-blocksize=0 in my
> > > semanage.conf and I do semodule -B and get:
> > >
> > > libsepol.module_package_read_offsets: wrong magic number for module
> > > package:  expected 0xf97cff8f, got 0x39685a42 (No such file or
> > > directory).
> > > libsemanage.semanage_load_module: Error while reading from module
> > > file /etc/selinux/strict/modules/tmp/modules/apm.pp. (No such file or
> > > directory).
> > > semodule:  Failed!
> > >
> > > If I do semodule -l, it will also get the magic number error.  If I
> > > remove the blocksize option, it works again.  I was able to reinsert all
> > > of the modules to get it working again with the blocksize 0 option.
> > >
> > > [1] http://userspace.selinuxproject.org/trac/changeset/ee9827000137fed2d3300124115fc1572acafe2f
> >
> > Yes, that's what I would expect.  The expectation is that either one
> > would set that option before installing the policy for the first time,
> > or that one completely re-installs the policy after setting that option.
>
> Can we have a little better handling of this case?  I don't mind
> reinstalling the policy, but the error messages aren't helpful.  In
> addition, with semodule -l being broken, I have to look into the module
> store to see what modules are installed or guess.

Seems like it is just as easy to just support pre-existing compressed
modules, see below.

Explicitly probe for the bzip2 magic string prefix and fall through to
BZ2_bzReadOpen() if the module is bzipped even if bzip-blocksize=0.
Thus bzip-blocksize=0 will prevent any further compression of
subsequently installed/updated modules, but will continue to function
with existing compressed modules.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
2009-08-24 15:26:48 -04:00
checkpolicy bump checkpolicy to 2.0.19 2009-02-17 12:22:40 -05:00
libselinux libselinux 2.0.85 2009-07-14 11:00:37 -04:00
libsemanage libsemanage issue with bzip-blocksize=0 and compressed modules in store 2009-08-24 15:26:48 -04:00
libsepol libsepol 2.0.37 2009-07-07 14:25:12 -04:00
policycoreutils policycoreutils 2.0.71 2009-08-11 10:24:16 -04:00
scripts release script 2009-03-12 01:23:32 -04:00
sepolgen bump sepolgen to 1.0.17 2009-05-05 20:20:36 -04:00
Makefile initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00