selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: Policy is not managed or store cannot be accessed

Re: Policy is not managed or store cannot be accessed

From: Justin P. Mattock <justinmattock_at_nospam>
Date: Wed Jan 20 2010 - 20:45:48 GMT
To: AlannY <m@alanny.ru>


On 01/20/10 12:21, AlannY wrote:
> Hi there. I'm new in SELinux world. I'm trying to setup SELinux in Archlinux. Everything seems ok.
> Everything successfully built and even runs.
>
> But when I'm trying to do something with SELinux (semanage, semodule), I'm getting to following error:
>
> %# semanage login -l
> /usr/sbin/semanage: SELinux policy is not managed or store cannot be accessed.
>
> I don't know what I can do in this situation. I've already asked on Archlinux forum about this problem,
> but there are no experts in SELinux, so no one answered.
>
> Sestatus tells me, that SELinux is working:
>
> %# sestatus
> SELinux status: enabled
> SELinuxfs mount: /selinux
> Current mode: permissive
> Mode from config file: permissive
> Policy version: 24
> Policy from config file: refpolicy
>
> When I'm trying to go to enforcement, the system is hang off. I think, it's normal, because of AVC deniels in log.
> I can solve it by creating new module, but I cannot load it, because of 1st error (not managed/not accessed).
>
> I'm
> %# id -Z
> root:staff_r:insmod_t
>
> What can I do?
>
> I think, that my problem is with version mismatch of selinux tools (checkpolicy,semanage) and refpolicy.
> Where can I check it? Currently I have:
>
> kernel26-selinux-2.6.31
> selinux-coreutils-7.6
> selinux-pam-1.1.0
> refpolicy-2.20091117
> selinux-sysvinit-2.86
> checkpolicy-2.0.20
> libselinux-2.0.89
> libsemanage-2.0.42
> libsepol-2.0.41
> selinux-usr-policycoreutils-2.0.77
> sepolgen-1.0.18
>
> That everything I have.
>
> Thanks for patience.

I was getting the same thing until
I did sudo /usr/sbin/semanage *

Justin P. mattock -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.