Can not access files in own home directory

[Andrew Farris]

On Wed, 2004-06-09 at 09:42 +0200, David Balazic wrote:
> Hi!
> 
> First, is SELinux supposed to work in Fedora Core 2 or is it in beta(alpha)
> phase ?
> 
> Because I get a failure right 5 minutes after installation.
> 
> I did a SELinux enabled install of FC2 ( Workstation type ).
> In firstboot I created a user.
> 
> The I tried to log in on VC2 as that user and it gave a SELinux access
> denied error.
> bash was denied access to /home/me/.bash_profile

Boot to runlevel 1 and run 'fixfiles relabel'.  The filesystem is most
likely not relabeled using the installed policy.  This must be done
before SELinux will operate correctly.

> The I issued a "ls -a" command and it could only list the file names, but
> not the properties,
> again, access was denied.
> 
> So is SELinux there to be used or to be yet developed ?

Yes.. but it is not a drop-in security fix without setup or management..
yet.  You will need to deal with deveopment issues periodically.  The
first one would be getting the newest policy packages, which have
changed name from the FC2 install.  You should install via yum or apt
all of the selinux packages from the Development directories on mirrors:

selinux-policy-targeted-1.13.3-2
libselinux-1.13.2-1
libselinux-debuginfo-1.13.2-1
libselinux-devel-1.13.2-1
selinux-doc-1.10-1
selinux-policy-strict-1.13.3-2
selinux-policy-strict-sources-1.13.3-2
selinux-policy-targeted-sources-1.13.3-2

If you want to test out SELinux with minimal fuss you should configure
the targeted policy.

> Or was this an accidental bug ?
> Should I bugzilla it ?

Probably not, first try the above -- failure to label the filesystem at
install has been discussed some already so its probably not new.
More useful info here:
http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/

> Regards,
> David

-- 
Andrew Farris, CPE senior (California Polytechnic State University, SLO)
fedora at andrewfarris.com :: lordmorgul on irc.freenode.net