论坛: Open Discussion (Thread #44366)

Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-09 08:40 by zeebra #87723)

I'm new to Tomoyo and currently learning it, so thanks for good manuals, providing a start/core to work with (learning mode) and learn from and "easy-to-implement" tools. I started out with tomoyo-tools-2.5, and had the same issue there as I have currently. My Kernel is new, so I wanted to/had to move to tomoyo-tools-2.6. Unlike 2.5, 2.6 was not provided by my distro. I have no issues installing from source, and I'm sure it would have worked just fine, but even better I could "rpmbuild", which made it even better for my setup.
There were basically no dependencies needed, so the installation was about as smooth as it could have been. This is a great advantage of tomoyo over SELinux at least. I've tried to force SELinux onto Slackware (python2) which was an outright mess and in the end it was not worth it. I can imagine the process would not have been much smoother on other systems either. Not sure about apparmor, but knowing where they come from, I'm pretty sure they must have some/alot of dependencies. Anyways, getting tomoyo up and running is a breeze, provided you know how to deal with the Kernel. It's so easy that I'm quite impressed by how minimalistic these tools are.

Anyways, I guess it could have something to do with the way things are described in the documentation or me misunderstanding something. But from the documentation it seems that you are suppose to use tomoyo-tools with /sys/* directory. Or suppose to be able to at least. But maybe I misunderstood, because I'm just getting segmentation fauls with tomoyo-tools when trying to do that. So I figured it would work around this "issue" and use tomoyo tools with /etc/tomoyo folder instead. But that might be how it is meant to be done in the first place. But if it is, might I suggest to make this more clear in the documentation please.

Anyways, I'm still learning, and the more I learn, the more it seems that it is possible to really develop very complex policies, and that the tools to do so are very good. I'm just getting started and I'm already doing fairly complex things, and getting quite a good understanding of the potential of tomoyo, and I'm really liking it. That getting it up and running so easily, and it being so minimalistic is so great, considering that. The documentation is quite good too, especially the basics part, but perhaps it could need some more info in the advanced part. Not everything is easy to figure out for yourself, and some things are somewhat tomoyo-specific, so trying to figure them out can be a bit challenging if you lack the information. Why is tomoyo doing that, why is it behaving like this, why does it react like that, etc etc. Developing policy is basically a massive task if you really get into it, there are endless things you can do with it to tune it to your preferences, and developing solid policies for all domains is a big annd complex undertaking. I like the approach tomoyo is taking, providing you with a base to start with, a core to develop from, and the learning mode is not only for tomoyo, but also for the user!

I guess at some point I will start to understand the limitations, but until that I will develop policies in a very friendly MAC environment. And since 2.6, it supports co-MAC with SeLinux anyways, if limitations will ever become a real life issue. But I think for alot of people, tomoyo will do what they need, and if not, I guess it might also form a solid understanding of how MAC works for people who might want to try SELinux.

So, thanks for great software, and cheers! Everything is working very well, very smoothly, except that Segmentation fault issue with tomoyo-editpolicy. I can recreate it, or better said, it is recreated every time I use learning mode to develop a policy and then proceed to use editpolicy. I've tried to clear and recreate policies etc, but I always end up with this issue. In particular this issue happens when trying to delete entries, and it happens every time. So I can't use edipolicy to delete any enties. It could come up with other functions as well, but I'm not sure. I've gotten into the habit of editing policies manually and with patternize anyways. But it would be nice to be able to use editpolicy without any issues too!. I can view/review all domains and policies without issues, so that's basically what I'm using it for. Overall it's not a big deal for me, I can still go about learning and doing what I want to do with tomoyo, but it would be nice to not have these issues with editpolicy. But then again, it might be that I misunderstood how to use editpolicy. But, I didn't do anything "wrong" to cause this issue, it creates itself as policy is populated with learning mode without any input. I'm fairly sure it's only with the "delete" function, and it happens trying to delete anything anywhere.

回复到 #87723×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-11 09:56 by kumaneko #87729)

Hello.

On 2021/07/09 8:40, zeebra wrote:
> I can recreate it, or better said, it is recreated every time I use learning
> mode to develop a policy and then proceed to use editpolicy. I've tried to clear
> and recreate policies etc, but I always end up with this issue. In particular
> this issue happens when trying to delete entries, and it happens every time.

OK. Since you already know steps to reproduce this problem, can you e-mail me
/tmp/strace.log obtained by reproducing this problem within

# strace -ttf -s 1024 -o /tmp/strace.log tomoyo-editpolicy

and your distribution/version and your kernel version (output of "uname -r") ?

> Unlike 2.5, 2.6 was not provided by my distro. I have no issues installing from
> source, and I'm sure it would have worked just fine, but even better I could
> "rpmbuild", which made it even better for my setup.

"rpmbuild -tb tomoyo-tools-2.6.0-20201111.tar.gz" will allow you to make an rpm from
tomoyo-tools-2.6.0-20201111.tar.gz , and "alien -k --scripts" will allow you to make
a deb from an rpm.

> Anyways, I guess it could have something to do with the way things are described
> in the documentation or me misunderstanding something. But from the documentation
> it seems that you are suppose to use tomoyo-tools with /sys/* directory. Or
> suppose to be able to at least. But maybe I misunderstood, because I'm just
> getting segmentation fauls with tomoyo-tools when trying to do that. So I figured
> it would work around this "issue" and use tomoyo tools with /etc/tomoyo folder
> instead. But that might be how it is meant to be done in the first place. But
> if it is, might I suggest to make this more clear in the documentation please.

tomoyo-editpolicy uses /sys/kernel/security/tomoyo/ when editing on-memory config
and uses /etc/tomoyo/ when editing on-disk config. If directory argument is omitted,
tomoyo-editpolicy assumes that you want to edit on-memory config and uses
/sys/kernel/security/tomoyo/ .

> I guess at some point I will start to understand the limitations, but until
> that I will develop policies in a very friendly MAC environment. And since 2.6,
> it supports co-MAC with SeLinux anyways, if limitations will ever become a real
> life issue. But I think for alot of people, tomoyo will do what they need, and
> if not, I guess it might also form a solid understanding of how MAC works for
> people who might want to try SELinux.

Thank you. I also provide CaitSith as yet another choice (for those who think
that even TOMOYO is too complicated to use).
回复到 #87723

回复到 #87729×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-11 22:25 by kumaneko #87730)

Thanks for sending me the strace data.

I found that the segmentation fault is occurring between

'd' key was pressed

and

"Delete selected entry? ('Y'es/'N'o)" is printed

, and you are using xterm-256color with probably rather small screen rows/columns.

Can you try different terminals (e.g. xterm if logged in using ssh from
TeraTerm, linux if logged in from text mode console) ?

Also, can you try building without color support (i.e. remove -DCOLOR_ON
from usr_sbin/Makefile before running make command) ?
回复到 #87729

回复到 #87730×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-14 19:32 by zeebra #87746)

Thank you. I'm starting to think this has something to do with my Kernel config (securityXYZ?) or some system security tools (pam/msec?).

I tried tomoyo-editpolicy on tty2 and have the same issue as before. But I also tried to manually edit inside /sys/kernel/security/tomoyo as root and I cannot write to any file there. I tried both in xession/plasma/konsole and tty2 and got these messages in my log. (I'm not enforcing those policies/domains, they are in learning mode).

<kernel> /usr/sbin/init /usr/sbin/agetty /usr/bin/login /usr/bin/bash /usr/bin/nano ( /usr/bin/nano ) is not permitted to update policies.
<kernel> /usr/sbin/init /usr/bin/sddm /usr/libexec/sddm-helper /usr/share/sddm/scripts/Xsession /etc/X11/Xsession /usr/bin/sh /usr/bin/startplasma-x11 /usr/bin/plasma_session /usr/bin/plasmashell /usr/bin/konsole /usr/bin/bash /usr/bin/su /usr/bin/bash /usr/bin/nano ( /usr/bin/nano ) is not permitted to update policies.

Well, I don't know the details of securityfs or /sys/kernel/security/tomoyo/, but I can only write to that folder using tomoyo-loadpolicy, and I have no write access as root. Perhaps that is the default behaviour, and it does make more sense now. I can't imagine it is just the editor (it's also tomoyo-editpolicy)..

Not sure this means anything important to you, but I found it in the logs:
tomoyo-editpoli[550041]: segfault at e018deaa0 ip 00007f79fe9884ce sp 00007ffdc46b7310 error 6 in libncurses.so.6.2[7f79fe986000+1a000]
Code: 0f b7 43 08 66 83 f8 ff 0f 84 8e 00 00 00 66 44 39 e0 7f 70 66 44 39 63 0a 7d 09 66 44 89 63 0a 0f 1f 40 00 48 8b 03 83 c2 01 <42> 89 34 a0 0f bf 45 06 39 c2 0f 8f 8a 00 00 00 66 89 55 02 48 83

I could probably try xterm in the near future if you think the test is still important, let me know.
回复到 #87730

回复到 #87746×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-15 01:08 by kumaneko #87748)

On 2021/07/14 19:32, zeebra wrote:
> Thank you. I'm starting to think this has something to do with my Kernel config
> (securityXYZ?) or some system security tools (pam/msec?).

These are irrelevant.

> I tried tomoyo-editpolicy on tty2 and have the same issue as before. But I also
> tried to manually edit inside /sys/kernel/security/tomoyo as root and I cannot
> write to any file there. I tried both in xession/plasma/konsole and tty2 and
> got these messages in my log. (I'm not enforcing those policies/domains, they
> are in learning mode).
>
> <kernel> /usr/sbin/init /usr/sbin/agetty /usr/bin/login /usr/bin/bash /usr/bin/nano
> ( /usr/bin/nano ) is not permitted to update policies.
> <kernel> /usr/sbin/init /usr/bin/sddm /usr/libexec/sddm-helper
> /usr/share/sddm/scripts/Xsession /etc/X11/Xsession /usr/bin/sh
> /usr/bin/startplasma-x11 /usr/bin/plasma_session /usr/bin/plasmashell
> /usr/bin/konsole /usr/bin/bash /usr/bin/su /usr/bin/bash /usr/bin/nano
> ( /usr/bin/nano ) is not permitted to update policies.
>
> Well, I don't know the details of securityfs or /sys/kernel/security/tomoyo/,
> but I can only write to that folder using tomoyo-loadpolicy, and I have no write
> access as root. Perhaps that is the default behaviour, and it does make more
> sense now. I can't imagine it is just the editor (it's also tomoyo-editpolicy)..

This is because only programs or domains listed in /sys/kernel/security/tomoyo/manager
can modify policy via writing to /sys/kernel/security/tomoyo/ directory.

>
> Not sure this means anything important to you, but I found it in the logs:
> tomoyo-editpoli[550041]: segfault at e018deaa0 ip 00007f79fe9884ce
> sp 00007ffdc46b7310 error 6 in libncurses.so.6.2[7f79fe986000+1a000]
> Code: 0f b7 43 08 66 83 f8 ff 0f 84 8e 00 00 00 66 44 39 e0 7f 70 66 44 39 63
> 0a 7d 09 66 44 89 63 0a 0f 1f 40 00 48 8b 03 83 c2 01 <42> 89 34 a0 0f bf 45
> 06 39 c2 0f 8f 8a 00 00 00 66 89 55 02 48 83

Yes, this is a problem which is occurring inside ncurses library, namely

printw("Delete selected entr%s? ('Y'es/'N'o)",
c > 1 ? "ies" : "y");

call in tomoyo-tools/usr_sbin/editpolicy.c .

Something is going wrong inside ncurses library, but I can't tell whether
this is a callee's (i.e. ncurses) bug or caller's (i.e. tomoyo-editpolicy) bug.

For example, CentOS 7 uses ncurses-5.9-14.20130511.el7_4 and shows no problem.
Maybe something has changed in ncurses library 6.0 or higher if this is a caller's bug.

>
> I could probably try xterm in the near future if you think the test is still
> important, let me know.

Not important. I installed Mageia-8-Live-Plasma-x86_64.iso and reproduced
this problem locally, and performed debug fprintf() tracing.
回复到 #87746

回复到 #87748×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-15 10:56 by zeebra #87758)

> > Not sure this means anything important to you, but I found it in the logs:
> > tomoyo-editpoli[550041]: segfault at e018deaa0 ip 00007f79fe9884ce
> > sp 00007ffdc46b7310 error 6 in libncurses.so.6.2[7f79fe986000+1a000]
> > Code: 0f b7 43 08 66 83 f8 ff 0f 84 8e 00 00 00 66 44 39 e0 7f 70 66 44 39 63
> > 0a 7d 09 66 44 89 63 0a 0f 1f 40 00 48 8b 03 83 c2 01 <42> 89 34 a0 0f bf 45
> > 06 39 c2 0f 8f 8a 00 00 00 66 89 55 02 48 83
>
> Yes, this is a problem which is occurring inside ncurses library, namely
>
> printw("Delete selected entr%s? ('Y'es/'N'o)",
> c > 1 ? "ies" : "y");
>
> call in tomoyo-tools/usr_sbin/editpolicy.c .
>
> Something is going wrong inside ncurses library, but I can't tell whether
> this is a callee's (i.e. ncurses) bug or caller's (i.e. tomoyo-editpolicy) bug.
>
> For example, CentOS 7 uses ncurses-5.9-14.20130511.el7_4 and shows no problem.
> Maybe something has changed in ncurses library 6.0 or higher if this is a caller's bug.
>
> >
> > I could probably try xterm in the near future if you think the test is still
> > important, let me know.
>
> Not important. I installed Mageia-8-Live-Plasma-x86_64.iso and reproduced
> this problem locally, and performed debug fprintf() tracing.

Alright. I hope you can manage to find a solution, if this is a tomoyo related issue. Just adding to the information, I'm pretty sure I had this issue with Mageia 7.1 as well. That's where I first tested Tomoyo, and I'm pretty sure the Ncurses library was older. But I can't say how old, or how long ago it was exactly, the timeline is getting a bit blurry for me. But I guess it could be worth testing as well for additional information (with and without updates).

Sorry for my ignorance, I'm quite new to the topic, and I discovered I had kernel lockdown enabled and thought that could affect it, but it was set to none, and it having an effect wouldn't make sense anyways. Anyways, thanks for Tomoyo, I'm looking forward to keep using it and learning. I just thought it was important to report any issues back to otherwise excellent software. Thanks for your time, and have a good day!

If there is anything further I can assist with or information needed, feel free to ask.
回复到 #87748

回复到 #87758×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-16 00:02 by kumaneko #87759)

I reported this problem as https://lists.gnu.org/archive/html/bug-ncurses/2021-07/msg00013.html .

You could try v6_1_20181020 built with

./configure --prefix=/usr/my-ncurses-v6_1_20181020 --with-shared
make -s
make -s install

and run tomoyo-editpolicy like

LD_LIBRARY_PATH=/usr/my-ncurses-$tag/lib/ tomoyo-editpolicy

so that an older version of ncurses library is used.
回复到 #87758

回复到 #87759×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-07-18 14:08 by kumaneko #87761)

I got a response as https://lists.gnu.org/archive/html/bug-ncurses/2021-07/msg00021.html . Please try:

--- a/usr_sbin/Makefile
+++ b/usr_sbin/Makefile
@@ -26,12 +26,12 @@
$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ $< -ltomoyotools -L.

tomoyo-editpolicy: tomoyotools.h editpolicy*.c readline.h /usr/include/curses.h libtomoyotools.so
- $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltinfo -ltomoyotools -L. -DCOLOR_ON || \
- $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltomoyotools -L. -DCOLOR_ON
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltinfo -ltomoyotools -L. -DCOLOR_ON -DNCURSES_WIDECHAR=0 || \
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltomoyotools -L. -DCOLOR_ON -DNCURSES_WIDECHAR=0

tomoyo-queryd: tomoyotools.h tomoyo-queryd.c readline.h /usr/include/curses.h libtomoyotools.so
- $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltinfo -ltomoyotools -L. || \
- $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltomoyotools -L.
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltinfo -ltomoyotools -L. -DNCURSES_WIDECHAR=0 || \
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltomoyotools -L. -DNCURSES_WIDECHAR=0

install: all
mkdir -p -m 0755 $(INSTALLDIR)$(USRLIBDIR)
回复到 #87759

回复到 #87761×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录

Re: Tomoyo-editpolicy (tomoyo-tools) segmentation fault (core dumped) (2021-08-28 19:40 by zeebra #87973)

Reply To Message #87761
> I got a response as https://lists.gnu.org/archive/html/bug-ncurses/2021-07/msg00021.html . Please try:
>
> --- a/usr_sbin/Makefile
> +++ b/usr_sbin/Makefile
> @@ -26,12 +26,12 @@
> $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ $< -ltomoyotools -L.
>
> tomoyo-editpolicy: tomoyotools.h editpolicy*.c readline.h /usr/include/curses.h libtomoyotools.so
> - $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltinfo -ltomoyotools -L. -DCOLOR_ON || \
> - $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltomoyotools -L. -DCOLOR_ON
> + $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltinfo -ltomoyotools -L. -DCOLOR_ON -DNCURSES_WIDECHAR=0 || \
> + $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-editpolicy editpolicy*.c -lncurses -ltomoyotools -L. -DCOLOR_ON -DNCURSES_WIDECHAR=0
>
> tomoyo-queryd: tomoyotools.h tomoyo-queryd.c readline.h /usr/include/curses.h libtomoyotools.so
> - $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltinfo -ltomoyotools -L. || \
> - $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltomoyotools -L.
> + $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltinfo -ltomoyotools -L. -DNCURSES_WIDECHAR=0 || \
> + $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o tomoyo-queryd tomoyo-queryd.c -lncurses -ltomoyotools -L. -DNCURSES_WIDECHAR=0
>
> install: all
> mkdir -p -m 0755 $(INSTALLDIR)$(USRLIBDIR)

Thank you.

I was having the same issue on another distro, and this was an easy way to fix that immediately.
回复到 #87761

回复到 #87973×

You can not use Wiki syntax
You are not logged in. To discriminate your posts from the rest, you need to pick a nickname. (The uniqueness of nickname is not reserved. It is possible that someone else could use the exactly same nickname. If you want assurance of your identity, you are recommended to login before posting.) 登录