Installing the new policy
Bob Gustafson
bobgus at rcn.com
Sat May 29 19:49:41 UTC 2004
I am also having problems installing the new selinux stuff
I wonder if the main problem is a missing /etc/selinux/config file which
probably tells pieces of the system which of the policy-strict, etc. files
to use (??)
I updated my system and did a 'yum install policy\*` (maybe also
selinux-policy\* too)
- Also saw error messages (but also 'success') during yum run.
[root at hoho2 user1]# date
Sat May 29 14:33:39 CDT 2004
[root at hoho2 user1]# /sbin/fixfiles relabel
/sbin/fixfiles: line 23: /etc/selinux/config: No such file or directory
[root at hoho2 user1]# ls -l /etc/selinux
total 16
drwxr-xr-x 5 root root 4096 May 29 12:05 strict
drwxr-xr-x 5 root root 4096 May 29 12:06 targeted
[root at hoho2 user1]#
--- I am also getting a flock of console messages of the form: ---
--- (I thought doing a 'fixfiles relabel' would clear these up, but.. --
inode_doinit_with_dentry: context_to_sid(user_u:object_r:user_tmp_t)
returned 22 for dev=sda2 ino=6094897
inode_doinit_with_dentry: context_to_sid(user_u:object_r:user_tmp_t)
returned 22 for dev=sda2 ino=6094944
inode_doinit_with_dentry: context_to_sid(user_u:object_r:user_tmp_t)
returned 22 for dev=sda2 ino=6094946
inode_doinit_with_dentry: context_to_sid(user_u:object_r:user_tmp_t)
returned 22 for dev=sda2 ino=6094908
---- additional info ---
[root at hoho2 user1]# od -c /selinux/enforce
0000000 0
0000001
[root at hoho2 user1]#
[user1 at hoho2 user1]$ cat /proc/version
Linux version 2.6.6-1.397smp (bhcompile at tweety.build.redhat.com) (gcc
version 3.
3.3 20040412 (Red Hat Linux 3.3.3-7)) #1 SMP Fri May 28 11:34:11 EDT 2004
[user1 at hoho2 user1]$
[root at hoho2 selinux]# pwd
/etc/security/selinux
[root at hoho2 selinux]# ls -l
total 51056
-rw-r--r-- 1 root root 86904 May 29 12:13 file_contexts
-rw-r--r-- 1 root root 88310 May 11 10:03 file_contexts.rpmnew
-rw-r--r-- 1 root root 87205 May 26 12:56 file_contexts.rpmsave
-rw-r--r-- 1 root root 7408105 May 29 12:13 policy.15
-rw-r--r-- 1 root root 7383775 May 20 21:37 policy.15.rpmsave
-rw-r--r-- 1 root root 7409842 May 29 12:13 policy.16
-rw-r--r-- 1 root root 7385512 May 20 21:37 policy.16.rpmsave
-rw-r--r-- 1 root root 7410154 May 29 12:13 policy.17
-rw-r--r-- 1 root root 7409751 May 11 10:03 policy.17.rpmnew
-rw-r--r-- 1 root root 7434273 May 26 12:56 policy.17.rpmsave
drwx------ 3 root root 4096 May 7 10:24 src
[root at hoho2 selinux]#
BobG
On Fri, 28 May 2004 14:34:30 -0400, Richard Hally wrote:
>Included below is the out put from doing a "yum install
>selinux-policy\*" while in enforcing mode:
>
>[root at old1 root]# yum install selinux-policy\*
>Gathering header information file(s) from server(s)
>Server: Fedora Core 2 - i386 - Base
>Server: Fedora Core 2 - Development Tree
>Server: Fedora Core 2 - i386 - Released Updates
>Finding updated packages
>Downloading needed headers
>Resolving dependencies
>Dependencies resolved
>I will do the following:
>[install: selinux-policy-targeted 1.13.1-1.noarch]
>[install: selinux-policy-strict 1.13.1-1.noarch]
>[install: selinux-policy-strict-sources 1.13.1-1.noarch]
>[install: selinux-policy-targeted-sources 1.13.1-1.noarch]
>Is this ok [y/N]: y
>Downloading Packages
>Getting selinux-policy-targeted-1.13.1-1.noarch.rpm
>selinux-policy-targeted-1 100% |=========================| 25 kB 00:00
>Getting selinux-policy-strict-1.13.1-1.noarch.rpm
>selinux-policy-strict-1.1 100% |=========================| 1.1 MB 00:08
>Getting selinux-policy-strict-sources-1.13.1-1.noarch.rpm
>selinux-policy-strict-sou 100% |=========================| 1.3 MB 00:12
>Getting selinux-policy-targeted-sources-1.13.1-1.noarch.rpm
>selinux-policy-targeted-s 100% |=========================| 252 kB 00:01
>Running test transaction:
>Test transaction complete, Success!
>selinux-policy-strict 100 % done 1/6
>Can't open '/etc/selinux/strict/policy/policy.17': Permission denied
>selinux-policy-targeted 100 % done 2/6
>Can't open '/etc/selinux/targeted/policy/policy.17': Permission denied
>selinux-policy-strict-sources 100 % done 3/6
>make: Entering directory `/etc/selinux/strict/src/policy'
>/usr/sbin/load_policy /etc/selinux/strict/policy/policy.`cat
>/selinux/policyvers`
>Can't open '/etc/selinux/strict/policy/policy.17': Permission denied
>make: *** [tmp/load] Error 2
>make: Leaving directory `/etc/selinux/strict/src/policy'
>selinux-policy-targeted-sources 100 % done 4/6
>make: Entering directory `/etc/selinux/targeted/src/policy'
>/usr/sbin/load_policy /etc/selinux/targeted/policy/policy.`cat
>/selinux/policyvers`
>Can't open '/etc/selinux/targeted/policy/policy.17': Permission denied
>make: *** [tmp/load] Error 2
>make: Leaving directory `/etc/selinux/targeted/src/policy'
>warning: /etc/security/selinux/policy.17 saved as
>/etc/security/selinux/policy.17.rpmsave
>warning: /etc/security/selinux/file_contexts saved as
>/etc/security/selinux/file_contexts.rpmsave
>Erasing: policy 5/6
>warning: /etc/security/selinux/src/policy/users saved as
>/etc/security/selinux/src/policy/users.rpmsave
>warning:
>/etc/security/selinux/src/policy/file_contexts/program/seuser.fc saved
>as /etc/security/selinux/src/policy/file_contexts/program/seuser.fc.rpmsave
>Erasing: policy-sources 6/6
>Installed: selinux-policy-targeted 1.13.1-1.noarch
>selinux-policy-strict 1.13.1-1.noarch selinux-policy-strict-sources
>1.13.1-1.noarch selinux-policy-targeted-sources 1.13.1-1.noarch
>Transaction(s) Complete
>[root at old1 root]#
>
>Richard Hally
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
More information about the fedora-selinux-list
mailing list