installation of selinux on non-selinux system
Jim Cornette
jim-cornette at insight.rr.com
Sun Nov 21 01:54:13 UTC 2004
After upgrading a computer from FC2 to FC3, I decided to give SELinux a
shot and used up2date to retrieve the rpm for selinux-policy-targeted
and expected for all needed deps to be pulled in. The other dependent
ackages did not get pulled in with this selection. I ended up having
system messages not being accessable and also httpd being damened with
errors. I supposed that there was an abnormality on my particular
system. Within recent days, I have noted others experiencing similar
failures on the fedora-list. I then decided that this might e a more
common prblem than first expected.
Another Fedora user was asking questions regarding running fixfiles
relabel. I noticed that I also did not have fixfiles installed.
After several failures trying to install selinux-policy-targeted-sources
using up2date, I tried using yum and was able to get the needed
dependent programs that contained fixfiles. After relabeling the system
for targeted using fixfiles relabel at a command prompt, I decided to go
one step further and fixfiles relabel with
selinux-policy-strict-1.17.30-2 installed, which did not pull in
fixfiles either when using up2date.
Attached is the AVC messages containing 11/19/04 when I ended up
changing targeted / enforcing jn order to get system logs to diagnose
another problem and finding out that there were no logs from 10/4 until
11/19. Messages after 8:00 PM are avc errors after relabeling the
filesystem and rebooting.
After trying to start X in runlevel 3 using startx and experiencing a
failure, I ran setenforce 0 and decided to at least attempt to convey
useful information to help improve SELinux installations for systems
that are upgraded from non-selinux to selinux complient systems.
Thanks,
Jim Cornette
--
You will give someone a piece of your mind, which you can ill afford.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: blocks-messages-no-fixfiles-then-relabel-enabled-strict
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20041120/bfa51780/attachment.ksh>
More information about the fedora-selinux-list
mailing list