# SELinux (targeted policy): conflicting specifications

## malnati

Is there anybody in the whole world who managed to run SELinux (targeted policy) in Gentoo? I need a little help ...

I am trying to use it in a brand new Gentoo stage3 (Kernel 2.6.32-hardened-r9), I tried all versions of selinux-base-policy available, but relabeling the file system

always fails with the same error: "filespec_add: Conflicting specifications for ...".

```

# rlpkg -a -r

Relabeling filesystem types: ext2 ext3 jfs xfs

filespec_add:  conflicting specifications for /usr/bin/getconf and /usr/lib/misc/glibc/getconf/POSIX_V6_ILP32_OFFBIG, using system_u:object_r:lib_t.

filespec_eval:  hash table stats: 251923 elements, 63077/65536 buckets used, longest chain length 8

Scanning for shared libraries with text relocations...

0 libraries with text relocations, 0 not relabeled.

Scanning for PIE binaries with text relocations...

0 binaries with text relocations detected.

```

```

# sestatus -v

SELinux status:                 enabled

SELinuxfs mount:                /selinux

Current mode:                   permissive

Mode from config file:          enforcing

Policy version:                 24

Policy from config file:        targeted

Process contexts:

Current context:                unconfined_u:unconfined_r:unconfined_t

Init context:                   system_u:system_r:init_t

/sbin/agetty                    system_u:system_r:getty_t

/usr/sbin/sshd                  system_u:system_r:sshd_t

File contexts:

Controlling term:               unconfined_u:object_r:user_devpts_t

/sbin/init                      system_u:object_r:init_exec_t

/sbin/agetty                    system_u:object_r:getty_exec_t

/bin/login                      system_u:object_r:login_exec_t

/sbin/rc                        system_u:object_r:initrc_exec_t

/sbin/runscript.sh              system_u:object_r:initrc_exec_t

/usr/sbin/sshd                  system_u:object_r:sshd_exec_t

/sbin/unix_chkpwd               system_u:object_r:chkpwd_exec_t

/etc/passwd                     system_u:object_r:etc_t

/etc/shadow                     system_u:object_r:shadow_t

/bin/sh                         system_u:object_r:bin_t -> system_u:object_r:shell_exec_t

/bin/bash                       system_u:object_r:shell_exec_t

/usr/bin/newrole                system_u:object_r:newrole_exec_t

/lib/libc.so.6                  system_u:object_r:lib_t -> system_u:object_r:lib_t

/lib/ld-linux.so.2              system_u:object_r:lib_t -> system_u:object_r:ld_so_t

```

```

# eselect profile list

Available profile symlink targets:

  [1]   default/linux/x86/10.0

  [2]   default/linux/x86/10.0/desktop

  [3]   default/linux/x86/10.0/desktop/gnome

  [4]   default/linux/x86/10.0/desktop/kde

  [5]   default/linux/x86/10.0/developer

  [6]   default/linux/x86/10.0/server

  [7]   hardened/linux/x86/10.0

  [8]   selinux/2007.0/x86

  [9]   selinux/2007.0/x86/hardened

  [10]  selinux/v2refpolicy/x86

  [11]  selinux/v2refpolicy/x86/desktop

  [12]  selinux/v2refpolicy/x86/developer

  [13]  selinux/v2refpolicy/x86/hardened *

  [14]  selinux/v2refpolicy/x86/server

```

----------

