Knowledge Base:Conflicting specifications during rlpkg

From Gentoo Wiki
Jump to:navigation Jump to:search


When trying to relabel a package (using the rlpkg tool) a message similar to the following is displayed:

root #rlpkg -a -r
filespec_add: conflicting specifications for /usr/bin/getconf and 
/usr/lib64/misc/glibc/getconf/XBS5_LP64_OFF64, using


This article is applicable to Gentoo Linux systems with a selinux profile:

root #eselect profile show
Current /etc/make.profile symlink:

A SElinux profile ends with /selinux.


This is most likely caused by hard linked files. SELinux uses the extended attributes in the file system to store the security context of a file. If two separate paths point to the same file using hard links (i.e. the files share the same inode) then both files will have the same security context. rlpkg (and related applications) obtain the security context from a path value. As such, they may get two different results (different paths) for the same file (hardlinked files).


The solution depends on the particular case; in order of most likely to happen and resolve:

  1. Although both files are the same, they are not used in the same context. In such cases, it is recommended to remove one of the files and then copy the other file back to the first. For example:
    root #rm file_B; cp file_A file_B
    This way, both files have different inodes and can be labelled accordingly.
  2. Both files are used for the same purpose; in this case, it might be better to label the file which would not be labelled correctly (say a binary somewhere in a /usr/lib64 location) using the semanage tool:
root #semanage fcontext -a -t correct_domain_t /usr/lib64/path/to/file

It is also not a bad idea to report (after verifying if it has not been reported by someone else) this on Gentoo's Bugzilla so that the default policies are updated accordingly.