Http clean install - and many problems with the initial install
Jim Cornette
penny-cornette at insight.rr.com
Thu Mar 18 05:22:23 UTC 2004
I just installed Fedora core development from 3/17 and after the
install, gdm did not recognize that there was actually a home directory
created.
This also happened with the root account.
Anyway, user regular had files that it did not seem to own within using
mc to visually see the files present. all the files looked like the
default for broken symlinks.
With the root user. gdm did not see the /root directory and would not start.
Next, I thought that I'd telinit to runlevel 1 and change to
/etc/security/selinux/src/policy to run make, then make relabel. I ran
make and there was nothing to make. Performing an ls on the directory
only yielded a file_x and nothing more.
I edited my grub.conf file and am now running with SELinux off. I then
checked if policy was installed, it was. Then checked if policy-sources
was installed, it wasn't.
I then ran up2date policy-sources and it downloaded policy sources, then
checkpolicy as a requirement. Checking the directory now, there are
other files installed.
The below mess is what I did so far. I will run make and make relabel
tomorrow.
I also have a lot of mail to root with errors galore. This might help
narrow down some problems.
Also, thanks for the suggestion of turning off fam for the other
installation that I have. I'll try to see if the error count goes down.
paste below of activity (from gnome-terminal)
[root at cornette-development root]# rpm -q policy
policy-1.8-19
[root at cornette-development root]# rpm -q policy-sources
package policy-sources is not installed
[root at cornette-development root]# up2date policy-sources
http://fedora.redhat.com/download/up2date-mirrors/fedora-core-rawhide
using mirror: http://mirrors.kernel.org/fedora/core/development/i386/
Fetching Obsoletes list for channel: fedora-core-rawhide...
Fetching rpm headers...
########################################
Name Version Rel
----------------------------------------------------------
policy-sources 1.8 19
noarch
Testing package set / solving RPM inter-dependencies...
########################################
policy-sources-1.8-19.noarc ########################## Done.
checkpolicy-1.8-1.i386.rpm: ########################## Done.
Preparing ########################################### [100%]
Installing...
1:checkpolicy ###########################################
[100%]
2:policy-sources ###########################################
[100%]
make: Entering directory `/etc/security/selinux/src/policy'
mkdir -p tmp
( cd domains/program/ ; for n in *.te ; do echo "define(\`$n')"; done )
> tmp/program_used_flags.te.tmp
( cd domains/misc/ ; for n in *.te ; do echo "define(\`$n')"; done ) >>
tmp/program_used_flags.te.tmp
mv tmp/program_used_flags.te.tmp tmp/program_used_flags.te
mkdir -p tmp
m4 -Imacros -s flask/security_classes flask/initial_sids
flask/access_vectors tunable.te attrib.te tmp/program_used_flags.te
macros/program/apache_macros.te macros/program/chkpwd_macros.te
macros/program/chroot_macros.te macros/program/clamav_macros.te
macros/program/crond_macros.te macros/program/crontab_macros.te
macros/program/fingerd_macros.te macros/program/gpg_macros.te
macros/program/gph_macros.te macros/program/irc_macros.te
macros/program/login_macros.te macros/program/lpr_macros.te
macros/program/mount_macros.te macros/program/mozilla_macros.te
macros/program/mta_macros.te macros/program/newrole_macros.te
macros/program/rhgb_macros.te macros/program/run_program_macros.te
macros/program/screen_macros.te macros/program/sendmail_macros.te
macros/program/slocate_macros.te macros/program/ssh_agent_macros.te
macros/program/ssh_macros.te macros/program/su_macros.te
macros/program/uml_macros.te macros/program/xauth_macros.te
macros/program/x_client_macros.te macros/program/xserver_macros.te
macros/program/ypbind_macros.te macros/admin_macros.te
macros/base_user_macros.te macros/core_macros.te macros/global_macros.te
macros/mini_user_macros.te macros/user_macros.te types/device.te
types/devpts.te types/file.te types/network.te types/nfs.te
types/procfs.te types/security.te domains/admin.te domains/user.te
domains/misc/auth-net.te domains/misc/fcron.te domains/misc/kernel.te
domains/misc/startx.te domains/program/acct.te domains/program/amanda.te
domains/program/amavis.te domains/program/anaconda.te
domains/program/apache.te domains/program/apmd.te domains/program/atd.te
domains/program/auditd.te domains/program/authbind.te
domains/program/automount.te domains/program/backup.te
domains/program/bluetooth.te domains/program/bootloader.te
domains/program/calamaris.te domains/program/canna.te
domains/program/cardmgr.te domains/program/checkpolicy.te
domains/program/chkpwd.te domains/program/chroot.te
domains/program/ciped.te domains/program/clamav.te
domains/program/consoletype.te domains/program/courier.te
domains/program/cpucontrol.te domains/program/cpuspeed.te
domains/program/crack.te domains/program/crond.te
domains/program/crontab.te domains/program/cups.te
domains/program/cyrus.te domains/program/dbusd.te
domains/program/ddt-client.te domains/program/devfsd.te
domains/program/dhcpc.te domains/program/dhcpd.te
domains/program/dictd.te domains/program/dmesg.te
domains/program/fingerd.te domains/program/firstboot.te
domains/program/fsadm.te domains/program/fs_daemon.te
domains/program/ftpd.te domains/program/games.te
domains/program/getty.te domains/program/gnome-pty-helper.te
domains/program/gpg.te domains/program/gpm.te
domains/program/hostname.te domains/program/hotplug.te
domains/program/hwclock.te domains/program/ifconfig.te
domains/program/imazesrv.te domains/program/inetd.te
domains/program/initrc.te domains/program/init.te
domains/program/innd.te domains/program/ipsec.te
domains/program/iptables.te domains/program/ircd.te
domains/program/irc.te domains/program/irqbalance.te
domains/program/jabberd.te domains/program/klogd.te
domains/program/kudzu.te domains/program/lcd.te
domains/program/ldconfig.te domains/program/loadkeys.te
domains/program/load_policy.te domains/program/login.te
domains/program/logrotate.te domains/program/lpd.te
domains/program/lpr.te domains/program/lrrd.te domains/program/lvm.te
domains/program/mailman.te domains/program/mdadm.te
domains/program/modutil.te domains/program/monopd.te
domains/program/mount.te domains/program/mozilla.te
domains/program/mrtg.te domains/program/mta.te domains/program/mysqld.te
domains/program/named.te domains/program/nessusd.te
domains/program/netsaint.te domains/program/netutils.te
domains/program/newrole.te domains/program/nscd.te
domains/program/nsd.te domains/program/ntpd.te
domains/program/oav-update.te domains/program/openca-ca.te
domains/program/pamconsole.te domains/program/pam.te
domains/program/passwd.te domains/program/perdition.te
domains/program/ping.te domains/program/portmap.te
domains/program/portslave.te domains/program/postfix.te
domains/program/postgresql.te domains/program/pppd.te
domains/program/prelink.te domains/program/privoxy.te
domains/program/procmail.te domains/program/pump.te
domains/program/pxe.te domains/program/quota.te
domains/program/radius.te domains/program/radvd.te
domains/program/restorecon.te domains/program/rhgb.te
domains/program/rlogind.te domains/program/rpcd.te
domains/program/rpm.te domains/program/rshd.te domains/program/samba.te
domains/program/scannerdaemon.te domains/program/screen.te
domains/program/sendmail.te domains/program/setfiles.te
domains/program/seuser.te domains/program/slapd.te
domains/program/slocate.te domains/program/slrnpull.te
domains/program/snmpd.te domains/program/snort.te
domains/program/sound-server.te domains/program/sound.te
domains/program/spamd.te domains/program/speedmgmt.te
domains/program/squid.te domains/program/ssh-agent.te
domains/program/ssh.te domains/program/sudo.te
domains/program/sulogin.te domains/program/su.te domains/program/sxid.te
domains/program/syslogd.te domains/program/sysstat.te
domains/program/tcpd.te domains/program/tftpd.te
domains/program/tmpreaper.te domains/program/traceroute.te
domains/program/transproxy.te domains/program/udev.te
domains/program/uml.te domains/program/updfstab.te
domains/program/uptimed.te domains/program/usbmodules.te
domains/program/useradd.te domains/program/userhelper.te
domains/program/utempter.te domains/program/vmware.te
domains/program/watchdog.te domains/program/xauth.te
domains/program/xdm.te domains/program/xfs.te domains/program/xserver.te
domains/program/ypbind.te domains/program/ypserv.te
domains/program/zebra.te assert.te rbac users constraints
initial_sid_contexts fs_use genfs_contexts net_contexts > policy.conf.tmp
mv policy.conf.tmp policy.conf
mkdir -p /etc/security/selinux/src
install -m 644 policy.conf /etc/security/selinux/src/policy.conf
mkdir -p /etc/security/selinux
/usr/bin/checkpolicy -c -o /etc/security/selinux/policy.15
/etc/security/selinux/src/policy.conf
/usr/bin/checkpolicy: loading policy configuration from
/etc/security/selinux/src/policy.conf
security: 3 users, 5 roles, 1161 types, 1 bools
security: 30 classes, 198929 rules
/usr/bin/checkpolicy: policy configuration loaded
/usr/bin/checkpolicy: writing binary representation (version 15) to
/etc/security/selinux/policy.15
warning: discarding booleans and conditional rules
mkdir -p file_contexts/misc
m4 file_contexts/types.fc file_contexts/program/acct.fc
file_contexts/program/amanda.fc file_contexts/program/amavis.fc
file_contexts/program/anaconda.fc file_contexts/program/apache.fc
file_contexts/program/apmd.fc file_contexts/program/atd.fc
file_contexts/program/auditd.fc file_contexts/program/authbind.fc
file_contexts/program/automount.fc file_contexts/program/backup.fc
file_contexts/program/bluetooth.fc file_contexts/program/bootloader.fc
file_contexts/program/calamaris.fc file_contexts/program/canna.fc
file_contexts/program/cardmgr.fc file_contexts/program/checkpolicy.fc
file_contexts/program/chkpwd.fc file_contexts/program/chroot.fc
file_contexts/program/ciped.fc file_contexts/program/clamav.fc
file_contexts/program/consoletype.fc file_contexts/program/courier.fc
file_contexts/program/cpucontrol.fc file_contexts/program/cpuspeed.fc
file_contexts/program/crack.fc file_contexts/program/crond.fc
file_contexts/program/crontab.fc file_contexts/program/cups.fc
file_contexts/program/cyrus.fc file_contexts/program/dbusd.fc
file_contexts/program/ddt-client.fc file_contexts/program/devfsd.fc
file_contexts/program/dhcpc.fc file_contexts/program/dhcpd.fc
file_contexts/program/dictd.fc file_contexts/program/dmesg.fc
file_contexts/program/fingerd.fc file_contexts/program/firstboot.fc
file_contexts/program/fsadm.fc file_contexts/program/fs_daemon.fc
file_contexts/program/ftpd.fc file_contexts/program/games.fc
file_contexts/program/getty.fc file_contexts/program/gnome-pty-helper.fc
file_contexts/program/gpg.fc file_contexts/program/gpm.fc
file_contexts/program/hostname.fc file_contexts/program/hotplug.fc
file_contexts/program/hwclock.fc file_contexts/program/ifconfig.fc
file_contexts/program/imazesrv.fc file_contexts/program/inetd.fc
file_contexts/program/initrc.fc file_contexts/program/init.fc
file_contexts/program/innd.fc file_contexts/program/ipsec.fc
file_contexts/program/iptables.fc file_contexts/program/ircd.fc
file_contexts/program/irc.fc file_contexts/program/irqbalance.fc
file_contexts/program/jabberd.fc file_contexts/program/klogd.fc
file_contexts/program/kudzu.fc file_contexts/program/lcd.fc
file_contexts/program/ldconfig.fc file_contexts/program/loadkeys.fc
file_contexts/program/load_policy.fc file_contexts/program/login.fc
file_contexts/program/logrotate.fc file_contexts/program/lpd.fc
file_contexts/program/lpr.fc file_contexts/program/lrrd.fc
file_contexts/program/lvm.fc file_contexts/program/mailman.fc
file_contexts/program/mdadm.fc file_contexts/program/modutil.fc
file_contexts/program/monopd.fc file_contexts/program/mount.fc
file_contexts/program/mozilla.fc file_contexts/program/mrtg.fc
file_contexts/program/mta.fc file_contexts/program/mysqld.fc
file_contexts/program/named.fc file_contexts/program/nessusd.fc
file_contexts/program/netsaint.fc file_contexts/program/netutils.fc
file_contexts/program/newrole.fc file_contexts/program/nscd.fc
file_contexts/program/nsd.fc file_contexts/program/ntpd.fc
file_contexts/program/oav-update.fc file_contexts/program/openca-ca.fc
file_contexts/program/pamconsole.fc file_contexts/program/pam.fc
file_contexts/program/passwd.fc file_contexts/program/perdition.fc
file_contexts/program/ping.fc file_contexts/program/portmap.fc
file_contexts/program/portslave.fc file_contexts/program/postfix.fc
file_contexts/program/postgresql.fc file_contexts/program/pppd.fc
file_contexts/program/prelink.fc file_contexts/program/privoxy.fc
file_contexts/program/procmail.fc file_contexts/program/pump.fc
file_contexts/program/pxe.fc file_contexts/program/quota.fc
file_contexts/program/radius.fc file_contexts/program/radvd.fc
file_contexts/program/restorecon.fc file_contexts/program/rhgb.fc
file_contexts/program/rlogind.fc file_contexts/program/rpcd.fc
file_contexts/program/rpm.fc file_contexts/program/rshd.fc
file_contexts/program/samba.fc file_contexts/program/scannerdaemon.fc
file_contexts/program/screen.fc file_contexts/program/sendmail.fc
file_contexts/program/setfiles.fc file_contexts/program/seuser.fc
file_contexts/program/slapd.fc file_contexts/program/slocate.fc
file_contexts/program/slrnpull.fc file_contexts/program/snmpd.fc
file_contexts/program/snort.fc file_contexts/program/sound-server.fc
file_contexts/program/sound.fc file_contexts/program/spamd.fc
file_contexts/program/speedmgmt.fc file_contexts/program/squid.fc
file_contexts/program/ssh-agent.fc file_contexts/program/ssh.fc
file_contexts/program/sudo.fc file_contexts/program/sulogin.fc
file_contexts/program/su.fc file_contexts/program/sxid.fc
file_contexts/program/syslogd.fc file_contexts/program/sysstat.fc
file_contexts/program/tcpd.fc file_contexts/program/tftpd.fc
file_contexts/program/tmpreaper.fc file_contexts/program/traceroute.fc
file_contexts/program/transproxy.fc file_contexts/program/udev.fc
file_contexts/program/uml.fc file_contexts/program/updfstab.fc
file_contexts/program/uptimed.fc file_contexts/program/usbmodules.fc
file_contexts/program/useradd.fc file_contexts/program/userhelper.fc
file_contexts/program/utempter.fc file_contexts/program/vmware.fc
file_contexts/program/watchdog.fc file_contexts/program/xauth.fc
file_contexts/program/xdm.fc file_contexts/program/xfs.fc
file_contexts/program/xserver.fc file_contexts/program/ypbind.fc
file_contexts/program/ypserv.fc file_contexts/program/zebra.fc >
file_contexts/file_contexts.tmp
rm file_contexts/file_contexts.tmp
mkdir -p /etc/security/selinux
install -m 644 file_contexts/file_contexts
/etc/security/selinux/file_contexts
/usr/sbin/load_policy /etc/security/selinux/policy.15
/usr/sbin/load_policy: security_load_policy failed
make: *** [reload] Error 3
make: Leaving directory `/etc/security/selinux/src/policy'
The following packages were added to your selection to satisfy dependencies:
Name Version Release
--------------------------------------------------------------
checkpolicy 1.8 1
[root at cornette-development root]# pwd
/root
[root at cornette-development root]# cd /etc/security/selinux/src/policy
[root at cornette-development policy]# ls
appconfig file_contexts mls remove-unwanted-policy
assert.te flask net_contexts tmp
attrib.te fs_use policy.15 tunable.te
ChangeLog genfs_contexts policy.conf types
constraints initial_sid_contexts policy.spec users
COPYING macros rbac VERSION
domains Makefile README
More information about the fedora-selinux-list
mailing list