F7: SELinux feature or bug?
Arthur Pemberton
pemboa at gmail.com
Wed Jul 11 10:13:43 UTC 2007
On 7/8/07, Jeroen Lankheet <admin1 at lankheet.com> wrote:
> Hi all,
>
> I think I've been stupid or framed or both. I wanted to samba share a
> USB disk on a F7 system but got an SELinux message saying that the
> directory could not be shared, and that there was a command to get it
> right (=wrong?).
> So I typed in
>
> chcon -t samba_share_t -R /
I find that hard to believe, but ok.
>
> Yes, that's what was in the SElinux message thingie as suggestion. And
> being a total SELinux nitwit I did what the almighty Linux system adviced.
Interesting tone your taking on a mailing list used to request
assistance (usually)
> So it took a while before getting "operation not permitted" on /dev/....
> Then I cancelled the operation but the damage has apparently already
> been made.
> I retyped the command with the proper directory to share and now the
> share worked.
See, you're not a nitwit.
> But when I restarted the system all kinds of services were broken
> including /dev/eth0.
Easily fixable, there's a single command to relabel everything appropriately.
> The kernel could not find the eth0 device. The X configuration was gone
> and all kinds of errors were smashed into my face.
> So it looks like the SELinux (or me myself?) has scrambled my harddisk.
It's definitely you yourself, since you did admit to running the
command (which SELinux doesn't do for you)
> I cannot even login anymore. The system is completely dead.
Linux systems don't die so easily, there's always runlevel 1, if even
that doesn't work, there's the rescue disk.
> Some 'simple' questions:
> Why did this go wrong?
You typed in a power command, as root, with inappropriate arguments,
either by your own mistake, or by the mistake of the SELinux problem
resolution adviser.
> What actually did go wrong?
You gave the entire system the same labelling, the entire system
doesn't not use the same labelling.
> What to do next? Re-install? That would be a bummer.
Not necessary, if the advice you receive here in inadequate, come over
to the IRC chatroom and request live assistance, just be polite.
> Thanks for the help.
>
> Regards,
> Jeroen.
Regards
--
Fedora Core 6 and proud
More information about the fedora-list
mailing list