Hi! On Thu, 2016-01-14 at 23:57:28 -0500, Alan Corey wrote: > Package: dpkg > Version: 1.18.1 > Severity: normal
> I'm using armhf Debian on a phone, NOT in a chroot, by using basically an > adapted Debian Kit to get Jessie instead of somethiing old. Almost > everything I install gives the error message "security labeling handle: no > such file or directory". I found on the web a workaround of sorts by > remounting /sys/fs/selinux readonly during the installation, but this causes > Android to panic and lock up after about 1 minute. Normally this works in a > terminal emulator or over a VNC or SSH connection concurently with Android > apps. Old versions of Debian from a year ago didn't have this problem, and > it may be compunded by the fact that Android shipped with selinux in > permissive mode until 5.0. Going to permissive mode has little affect on > the problem. > > It seems to come from src/selinux.c which is where the error message can be > found. It seems like at least if you set selinux to permissive this should > only be a warning, not stop the install. Or maybe it could be a new --force > option to dpkg. Right, that makes sense, and I wrote a patch to add such --force option when you filed the bug report, but one problem is that dpkg-statoverride also sets SE labels, and dpkg would need a way to pass the force option somehow to the child program. Which means programs might still fail. :/ But I could certainly try to make it non-fatal on non-enforcing mode. > dpkg 1.16.16 doesn't have this problem, I don't know exactly when it > started. 1.17.25 and 1.18.4 have problems. This was a code change prompted by a conversation with SE Linux upstream on what the preferred way to do SE labelling was. Thanks, Guillem
