Your message dated Thu, 22 Dec 2011 10:02:54 +0100
with message-id <[email protected]>
and subject line fixed in squeeze
has caused the Debian Bug report #550693,
regarding selinux-basics: selinux-activate does not handle grub2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
550693: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550693
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: selinux-basics
Version: 0.3.5
Severity: normal
Hello,
/usr/bin/selinux-activate does not currently handle grub2's config
file /etc/default/grub. The relevant config entry is
GRUB_CMDLINE_LINUX. This variable may already have something assigned
to it and the string "selinux=1" needs to be appended to the old
string.
A possible patch for /usr/bin/selinux-activate is attached.
Regards,
Kapil.
--
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-basics depends on:
ii checkpolicy 2.0.19-1 SELinux policy compiler
ii policycoreutils 2.0.72-2 SELinux core policy utilities
ii python 2.5.4-2 An interactive high-level object-o
ii selinux-utils 2.0.85-4 SELinux utility programs
Versions of packages selinux-basics recommends:
ii selinux-policy-default 2:0.2.20090828-1 Strict and Targeted variants of th
pn setools <none> (no description available)
Versions of packages selinux-basics suggests:
pn logcheck <none> (no description available)
ii syslog-summary 1.14-1 summarize the contents of a syslog
-- no debconf information
--- /usr/sbin/selinux-activate 2008-09-09 10:02:21.000000000 +0530
+++ /tmp/selinux-activate 2009-10-12 11:36:32.000000000 +0530
@@ -1,6 +1,7 @@
#!/bin/sh -e
GRUB_CONF=/boot/grub/menu.lst
+GRUB2_CONF=/etc/default/grub
PAM_LOGIN=/etc/pam.d/login
if [ "$1" != "disable" ]; then
@@ -12,6 +13,13 @@
update-grub
fi
fi
+ if [ -e $GRUB2_CONF ]; then
+ if ! grep -q selinux $GRUB2_CONF ; then
+ sed -e 's/\(^GRUB_CMDLINE_LINUX="\)/\1selinux=1 /' < $GRUB2_CONF >
$GRUB2_CONF.new
+ mv $GRUB2_CONF.new $GRUB2_CONF
+ update-grub
+ fi
+ fi
sed -e "s/^# \(.*selinux.*$\)/\1/" < $PAM_LOGIN > $PAM_LOGIN.new
mv $PAM_LOGIN.new $PAM_LOGIN
for n in kdm wdm ; do
@@ -36,6 +44,10 @@
sed -e "s/ selinux=1//" < $GRUB_CONF > $GRUB_CONF.new
mv $GRUB_CONF.new $GRUB_CONF
fi
+ if [ -e $GRUB2_CONF ]; then
+ sed -e "s/selinux=1 //" -e"s/ selinux=1//" < $GRUB2_CONF > $GRUB2_CONF.new
+ mv $GRUB2_CONF.new $GRUB2_CONF
+ fi
sed -e "s/\(^.*selinux.*$\)/# \1/" < $PAM_LOGIN > $PAM_LOGIN.new
mv $PAM_LOGIN.new $PAM_LOGIN
for n in gdm kdm ; do
--- End Message ---
--- Begin Message ---
Version: 0.3.6
--
Robert Bihlmeyer ASSIST Arrow ECS Internet Security AG
<[email protected]> A-1100 Wien, Wienerbergstraße 11
Tel: +43 1 370 94 40 Fax: +43 1 370 94 40-333
--- End Message ---
