LinuxQuestions.org - SELinux on Fedora 11 x86_64, rpm/yum refuse to read database or install pkgs

- Fedora (https://www.linuxquestions.org/questions/fedora-35/)

- - SELinux on Fedora 11 x86_64, rpm/yum refuse to read database or install pkgs (https://www.linuxquestions.org/questions/fedora-35/selinux-on-fedora-11-x86_64-rpm-yum-refuse-to-read-database-or-install-pkgs-758761/)

I tried a few days ago to find a collection of 32bit libraries for ePSXe, which I need for want of any 64 bit build. Having gotten them together, and performed an rpm --import on the gpg keys from the repository in question, namely mirrors.kernel.org, trying to perform an "sudo rpm -ivh <package>.rpm" gives me this message:

Quote:

error: cannot open Packages index using db3 - Permission denied (13)
error: cannot open Packages database in /var/lib/rpm
warning: gtk+-1.2.10-69.fc12.i686.rpm: Header V3 RSA/SHA1 signature: NOKEY, key ID 57bbccba
error: cannot open Packages database in /var/lib/rpm

A check of /var/lib/rpm gives me this:

Quote:

Basenames __db.002 Dirnames Installtid Packages Pubkeys Sha1header
Conflictname __db.003 Filedigests Name Providename Requirename Sigmd5
__db.001 __db.004 Group Obsoletename Provideversion Requireversion Triggername

which are all under the SELinux context rpm_var_lib_t. I get this notice in my troubleshooter:

Quote:

node=TechComm type=AVC msg=audit(1254287073.19:16983): avc: denied { read } for pid=2623 comm="rpm" name="Replicant10k" dev=dm-10 ino=12 scontext=staff_u:staff_r:staff_sudo_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:user_home_dir_t:s0 tclass=dir node=TechComm type=SYSCALL msg=audit(1254287073.19:16983): arch=c000003e syscall=2 success=yes exit=0 a0=7f4737258779 a1=90800 a2=0 a3=7f47361f6fcc items=0 ppid=2604 pid=2623 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="rpm" exe="/bin/rpm" subj=staff_u:staff_r:staff_sudo_t:s0-s0:c0.c1023 key=(null)

on top of that.

and trying to install them via yum with .i586 after the package name gives me this:

Quote:

Traceback (most recent call last):
File "/usr/bin/yum", line 28, in <module>
import yummain
ImportError: No module named yummain

Running audit2allow hasn't helped, I've gone through two modules now trying to fix this but nothing will install. KPackageKit at least works fine.

How can I set things right? It's really bugging me.

PS Releasing any possible stale locks hasn't helped.

You might wanna try rebuilding your RPM database to see if that helps:

1) Backup /var/lib/rpm
2) rm /var/lib/rpm/__db.*
3) rpm --rebuilddb

If the RPM database is corrupt, deleting and rebuilding will fix it. If the permissions or selinux context are incorrect, it will fix that as well.

That's what I added hasn't helped me any.

The SELinux troubleshooter doesn't say anything of the sort, regarding contexts being incorrect, but in enforcing mode with the latest boxed F11 policy I've also gotten this for rpm:

Quote:

rpmdb: /var/lib/rpm/__db.001: Permission denied
error: db4 error(13) from dbenv->open: Permission denied
error: cannot open Packages index using db3 - Permission denied (13)
error: cannot open Packages database in /var/lib/rpm
/usr/lib/python2.6/site-packages/yum/config.py:884: DeprecationWarning: BaseException.message has been deprecated as of Python 2.6
raise Errors.YumBaseError("Error: " + e.message)
CRITICAL:yum.main:

Error: rpmdb open failed

This was before I took another yum module of my own creation intended to fix another issue out, hoping it might solve things.

I can't upgrade to F12 yet because this is a production machine, but as soon as it becomes suitable for daily use I plan to.

If I had to place any bets I'd call this an SELinux policy problem.