do I need SELinux?
Daniel J Walsh
dwalsh at redhat.com
Sun Nov 21 04:31:40 UTC 2004
Jim Cornette wrote:
> Steven Stern wrote:
>
>> On Sat, 20 Nov 2004 01:49:39 -0500, Jim Cornette
>> <fc-cornette at insight.rr.com>
>> wrote:
>>
>>
>>> fixfiles relabel comes back with a command not found. I am using
>>> up2date to get the strict policy and to see if any deps are pulled
>>> in which include fixfiles
>>
>>
>>
>> I have the same issue on the upgraded machine. OTOH, I installed FC3
>> on a
>> brand new Compaq yesterday. SELinux seems to be working and happy.
>>
>
> I never had SELinux installed on this computer before. I remember
> downloading a host of programs and dropping to a shell, then
> performing the fixfiles relabel, which did restore my computer to a
> usable SELinux state.
>
> What surprised me is that neither installing selinux-policy-targeted
> or selinux-policy-strict pulled in any needed dep for selinux to
> include the fixfiles utility. The below listed are all that ended up
> being installed. I'll have to search the SELinux list archivs for the
> list of programs that contain fixfiles.
>
> selinux-policy-targeted-1.17.31-1
> libselinux-1.19.1-3
> selinux-policy-strict-1.17.30-2
>
> Running in permissive because of the missing fixfiles and no logs or
> httpd specific corrections.
>
> Jim
Fixfiles is part of policycoreutils which is required by policy source
packages but not the regular policy package in FC3.
I will add policycoreutils as a required part of the policy rpms, this
will force it to be pulled in, since not having the tools to
relabel makes the policy file pretty useless.
Dan
More information about the fedora-list
mailing list