Ubuntu
yelp package

SELinux install failed with errors

Asked by José Maria Oliveira Simões

After getting several errors with SELinux not installing correctly and getting several error messages with SELinux setroubleshoot I did a fresh install.

root@tripeiro:~# sudo apt-get install selinux
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libsetools-tcl libqpol1 setools bwidget
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  bwidget checkpolicy libaudit0 libqpol1 libsemanage-common libsemanage1
  libsetools-tcl libustr-1.0-1 policycoreutils python-selinux python-semanage
  python-sepolgen selinux-policy-ubuntu selinux-utils setools
Recommended packages:
  selinux-policy-default
The following NEW packages will be installed:
  bwidget checkpolicy libaudit0 libqpol1 libsemanage-common libsemanage1
  libsetools-tcl libustr-1.0-1 policycoreutils python-selinux python-semanage
  python-sepolgen selinux selinux-policy-ubuntu selinux-utils setools
0 upgraded, 16 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/6,482kB of archives.
After this operation, 52.9MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Preconfiguring packages ...
Selecting previously deselected package libaudit0.
(Reading database ... 212009 files and directories currently installed.)
Unpacking libaudit0 (from .../libaudit0_1.7.13-1ubuntu2_i386.deb) ...
Selecting previously deselected package libustr-1.0-1.
Unpacking libustr-1.0-1 (from .../libustr-1.0-1_1.0.4-2_i386.deb) ...
Selecting previously deselected package libsemanage-common.
Unpacking libsemanage-common (from .../libsemanage-common_2.0.42-1_all.deb) ...
Selecting previously deselected package libsemanage1.
Unpacking libsemanage1 (from .../libsemanage1_2.0.42-1_i386.deb) ...
Selecting previously deselected package python-semanage.
Unpacking python-semanage (from .../python-semanage_2.0.42-1_i386.deb) ...
Selecting previously deselected package python-selinux.
Unpacking python-selinux (from .../python-selinux_2.0.89-4_i386.deb) ...
Selecting previously deselected package python-sepolgen.
Unpacking python-sepolgen (from .../python-sepolgen_1.0.18-1_all.deb) ...
Selecting previously deselected package policycoreutils.
Unpacking policycoreutils (from .../policycoreutils_2.0.77-1ubuntu1_i386.deb) ...
Selecting previously deselected package selinux-utils.
Unpacking selinux-utils (from .../selinux-utils_2.0.89-4_i386.deb) ...
Selecting previously deselected package selinux.
Unpacking selinux (from .../selinux_1%3a0.9_all.deb) ...
Selecting previously deselected package checkpolicy.
Unpacking checkpolicy (from .../checkpolicy_2.0.20-1_i386.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot
Setting up libaudit0 (1.7.13-1ubuntu2) ...

Setting up libustr-1.0-1 (1.0.4-2) ...

Setting up libsemanage-common (2.0.42-1) ...
Setting up libsemanage1 (2.0.42-1) ...

Setting up python-semanage (2.0.42-1) ...

Setting up python-selinux (2.0.89-4) ...

Setting up python-sepolgen (1.0.18-1) ...

Setting up policycoreutils (2.0.77-1ubuntu1) ...
update-rc.d: warning: policycoreutils start runlevel arguments (S 2 3 4 5) do not match LSB Default-Start values (2 3 4 5)

Setting up selinux-utils (2.0.89-4) ...
Setting up selinux (1:0.9) ...
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-2.6.32-22-generic
Found initrd image: /boot/initrd.img-2.6.32-22-generic
Found linux image: /boot/vmlinuz-2.6.31-22-generic
Found initrd image: /boot/initrd.img-2.6.31-22-generic
Found linux image: /boot/vmlinuz-2.6.28-19-generic
Found initrd image: /boot/initrd.img-2.6.28-19-generic
Found linux image: /boot/vmlinuz-2.6.28-11-generic
Found initrd image: /boot/initrd.img-2.6.28-11-generic
Found memtest86+ image: /boot/memtest86+.bin
done

Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Processing triggers for python-support ...
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-2.6.32-22-generic
Selecting previously deselected package selinux-policy-ubuntu.
(Reading database ... 212288 files and directories currently installed.)
Unpacking selinux-policy-ubuntu (from .../selinux-policy-ubuntu_0.2.20091117-0ubuntu1_all.deb) ...
Selecting previously deselected package bwidget.
Unpacking bwidget (from .../bwidget_1.9.0-2_all.deb) ...
Selecting previously deselected package libqpol1.
Unpacking libqpol1 (from .../libqpol1_3.3.6.ds-6ubuntu1_i386.deb) ...
Selecting previously deselected package libsetools-tcl.
Unpacking libsetools-tcl (from .../libsetools-tcl_3.3.6.ds-6ubuntu1_i386.deb) ...
Selecting previously deselected package setools.
Unpacking setools (from .../setools_3.3.6.ds-6ubuntu1_i386.deb) ...
Processing triggers for doc-base ...
Processing 1 added doc-base file(s)...
Registering documents with scrollkeeper...
Processing triggers for man-db ...
Processing triggers for menu ...
Setting up checkpolicy (2.0.20-1) ...
Setting up selinux-policy-ubuntu (0.2.20091117-0ubuntu1) ...
Updating /etc/selinux/config.

Setting up bwidget (1.9.0-2) ...
Setting up libqpol1 (3.3.6.ds-6ubuntu1) ...

Setting up libsetools-tcl (3.3.6.ds-6ubuntu1) ...
Setting up setools (3.3.6.ds-6ubuntu1) ...

Processing triggers for selinux ...
semodule deferred processing now taking place
/usr/sbin/update-selinux-policy: 160: /etc/init.d/selinux: not found
dpkg: error processing selinux (--configure):
 subprocess installed post-installation script returned error exit status 127
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Processing triggers for menu ...
Errors were encountered while processing:
 selinux
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@tripeiro:~#

NOTE: I did an uninstall and removed several packages related to SELinux in ubuntu software center and rebooted the system. Some of then didn't removed because they are necessary to the system to run.

I'm running Ubuntu 10.04 LTS - the Lucid Lynx - released in April 2010

Could someone tell me what I have to do ?

Thanks guys !

Jose Maria

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu yelp Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
GREG T. (ubuntuer) said : 		#1

  go to places -home folder- file system === selinux is listed there .

Revision history for this message
GREG T. (ubuntuer) said : 		#2

 try synaptic package manager - search - selinux === setroubleshooting is listed there

Revision history for this message
GREG T. (ubuntuer) said : 		#3

 on my system it is not installed . but i have no use for it .i do not use selinux .

Revision history for this message
GREG T. (ubuntuer) said : 		#4

would like to refer you to question Question #77670 there is interesting info on selinux .

Revision history for this message
GREG T. (ubuntuer) said : 		#5

 just hi-lite the question then right click it , then do a google search . check out the comments at the bottom .

Revision history for this message
José Maria Oliveira Simões (mp128) said : 		#6

I made several attempts to solve the problem. The problem is that the installation was inconsistent with respect to functional dependencies. I tried to remove SELinux, but always stopped with error. As the system became unstable, I gave up and format the disk and re-installing everything from the beginning, but without SELinux and without softwere AIDE.

Revision history for this message
GREG T. (ubuntuer) said : 		#7

i don`t think i under stand your question . i thought you was trying to install selinux troubleshooting . the way it sounds to me now is your trying to remove all of selinux . from what i was told in the past is selinux is needed and very safe in the ubuntu system .

Revision history for this message
José Maria Oliveira Simões (mp128) said : 		#8

I'm going to give a try to SELinux Distro. I think it will not be a good idea to insist on riding the Ubuntu desk top with SELinux and AIDE. I think the rpm system is better than the ubuntu system. Maybe fedora , Red Hat Enterprise Linux, ou SUSE our EnGarde Secure Linux ...

Revision history for this message
GREG T. (ubuntuer) said : 		#9

please check out this page = http://freshmeat.net/articles/apply-selinux-to-protect-your-system-from-attack
SELinux

Security-Enhanced Linux (SELinux) is a Linux feature that provides a variety of security policies for Linux kernel. It is included with CentOS / RHEL / Fedora Linux, Debian / Ubuntu, Suse, Slackware and many other distributions.

Revision history for this message
José Maria Oliveira Simões (mp128) said : 		#10

Thank You Greg. I I know that the kernel was prepered to have SELlinux, but the process to install the software and scripts on ubuntu fail on me. The mechanism is not bullet prof. If a packge was not been properly installed, we have the chance to have problems. It happen to me! I could not install ou unsinstall, because the process stopped allways with the message "package bronken". I tried several commands but ended with the some old message "package bronken". On the ubuntu we have not a way to force to make a clean install of the package from the scracht if we have same garbage on the system. If a file is missing, you can't unistall the package, because the unsinstall processe stop with the message "package bronken". I want to have the Linux with the same security that I had on Data General AOS/VS system.

Revision history for this message
GREG T. (ubuntuer) said : 		#11

on the first part of this post you say you are trying to install selinux which is already installed , and that is why you got errors . then you say you are trying to remove selinux which is tied in to the whole system . good way to crash system . so i think if you want ubuntu just install it and run it with out trying to make system changes . in the three years i have used ubuntu i have never had any security problems like i did with xp .
 when you go to reinstall check the cd for problems ,check the ram/or the mem test , then install .

Revision history for this message
José Maria Oliveira Simões (mp128) said : 		#12

Sorry Greg, my mistake. The very first time (first install of the SELinux) I got in trouble when I got the message that some files aren't on the system

>>>>> /usr/sbin/update-selinux-policy: 160: /etc/init.d/selinux: not found <<<<<<<

Then I tried to reinstall, but received the info that I was already installed. Then I tried remove the package and received the message that the package was broken. Also I tried to recover from the message but with out of lucky.

This is my 4th install of the ubuntu. I started with a CD ubunto 9 and then during the one of the upgrades I lost my Internet connection for ever, because the install for the 10.04 cleaned the network software (devices and driver's). Everything was working as supposed, less the networking. So, I did a new fresh install, and started again from the scratch.

I have my system with 1 Gb of RAM and 60 Gb of hard disk..

I remember that one time in the past, when I was installing Oracle on fedora, some of the install didn't go, so I ended with some directories empty and some missing directories. I was able to delete and make a new fresh install. I know exactly what to remove and where to search. No problem !

With SELinux, it's a other story. I tried to inform the ubuntu during the boot not to run SELinux, because I wanted to delete It. I started to receive messages from the kernel trying to mount /SELinux. So, I did a new install of the ubuntu and solve all my problems. Well almost all the problems. Now I don't have the SELinux installed, but I would like to have it installed and running. I have another system, and I'm going to try to install fedora and SELinux. In case of trouble I'm going to install the Red Hat AS, or Red Hat ES.

Revision history for this message
GREG T. (ubuntuer) said : 		#13

WOW ! i would say you have had your fun. i say try xubuntu , it is a bit lighter on the system . start with the xubuntu 9.10 , if it works good then upgrade .

Can you help with this problem?

Provide an answer of your own, or ask José Maria Oliveira Simões for more information if necessary.

To post a message you must log in.