Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1247714

Summary: libsemanage.dbase_llist_query: could not query record value (No such file or directory).
Product: [Fedora] Fedora Reporter: Petr Lautrbach <plautrba>
Component: libsepolAssignee: Petr Lautrbach <plautrba>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 23CC: dwalsh, mgrepl, msrb, plautrba
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 2.4-12.fc23 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-09-04 19:45:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1076441    
Attachments:
Description Flags
proposed patch none

Description Petr Lautrbach 2015-07-28 16:00:46 UTC 
Description of problem:

# /usr/sbin/semanage login -a -s staff_u -r s0-s0:c0.c1023 yeti
libsemanage.dbase_llist_query: could not query record value (No such file or directory).
FileNotFoundError: [Errno 2] No such file or directory

# rpm -qf /usr/sbin/semanage
policycoreutils-python-utils-2.4-7.fc23.x86_64
Comment 1 Michal Srb 2015-08-25 08:48:17 UTC 
Created attachment 1066782 [details]
proposed patch

I think that this is a problem between Python 3 SWIG bindings around libsemanage and libsepol.

Python 3 SWIG bindings temporarily allocate memory needed for
PyUnicodeObject->char * conversion. This memory is deallocated shortly
after underlying C function returns. Therefore it's necessary to create
a copy of it.
Comment 2 Michal Srb 2015-08-25 10:48:12 UTC 
The patch should also fix following bug:

# semanage boolean -m --on polyinstantiation_enabled             
ValueError: Boolean polyinstantiation_enabled is not defined
Comment 3 Petr Lautrbach 2015-08-25 10:54:59 UTC 
Thanks for the patch. 

I'm not sure if it's the correct to fix a problem among policycoreutils and libsemanage in libsepol. I'd think that there could be a change of swig definition in libsemanage if it's feasible.
Comment 4 Petr Lautrbach 2015-08-25 11:22:47 UTC 
It seems to be really a bug in libsepol and your fix is probably correct (except for the minor memory leak). I'll push an update with this fix asap.
Comment 5 Fedora Update System 2015-08-25 12:24:35 UTC 
libsepol-2.4-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219
Comment 6 Petr Lautrbach 2015-08-25 15:21:05 UTC 
There's still problem with -m option:

# semanage login -a -s staff_u ivetka && semanage login -l | grep ivetka
ivetka               staff_u              s0                   *

# semanage login -m -s unconfined_u ivetka  
ValueError: Login mapping for ivetka is not defined
Comment 7 Miroslav Grepl 2015-08-25 15:23:18 UTC 
I see the same issue. Also "-d" option does not work.

# semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
ValueError: Login mapping for ivetka is not defined

# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
ivetka               staff_u              s0-s0:c0.c1023       *
Comment 8 Fedora Update System 2015-08-26 04:25:23 UTC 
libsepol-2.4-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update libsepol'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-14219
Comment 9 Michal Srb 2015-08-26 05:57:46 UTC 
(In reply to Miroslav Grepl from comment #7)
> I see the same issue. Also "-d" option does not work.
> 
> # semanage login -d -s staff_u -r s0-s0:c0.c1023 ivetka
> ValueError: Login mapping for ivetka is not defined
> 
> # semanage login -l
> 
> Login Name           SELinux User         MLS/MCS Range        Service
> 
> __default__          user_u               s0-s0                *
> ivetka               staff_u              s0-s0:c0.c1023       *

I can reproduce it as well. Looks like semanage_seuser_key_create() doesn't use libsepol under the hood. Therefore similar fix will be needed also for libsemanage. I will also fix potential memory leak in my previous patch.
Comment 10 Fedora Update System 2015-09-03 22:43:28 UTC 
policycoreutils-2.4-12.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040
Comment 11 Fedora Update System 2015-09-04 07:33:00 UTC 
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.\nIf you want to test the update, you can install it with \n su -c 'yum --enablerepo=updates-testing update policycoreutils'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-15040
Comment 12 Fedora Update System 2015-09-04 19:45:16 UTC 
policycoreutils-2.4-12.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.