SElinux settings different for upgrade vs full-install
Bruno Wolff III
bruno at wolff.to
Thu Jul 24 00:33:51 UTC 2008
On Mon, Jul 21, 2008 at 20:35:23 -0700,
Douglas Otis <doug.mtview at gmail.com> wrote:
> When logging in as root on an upgraded system, the desktop would not load
> (gconf related errors), and there appeared to be no way to shutdown or
> escape beyond hitting the system reset while seeing mostly a blank screen.
>
> There was a difference noticed between a full-install and the upgrade from
> Fedora 8. User Mapping for "root" had been "root", whereas the full-install
> had this set to "unconfined_u" (which is also the default). Making this
> change seems to have fixed the problem noticed when starting a graphical
> logon as root.
>
> After making this change, the system Default Policy Type also changed to
> "targeted". Being new to SElinux, it is hard to know the risk this may
> represent, if any. Does anyone know? Should the policy exceptions be used
> to modify SElinux instead?
Dan Walsh blogged about this issue not too long ago. The symptons in that
case are a little different, but I think the root problem is likely the
same. See:
http://danwalsh.livejournal.com/21067.html
More information about the fedora-list
mailing list