Re: SElinux and FC6

Vidiot wrote:
If this is not the right place to ask this question, please direct me to the
right place.

Yesterday I upgraded from FC2 to FC6. When it rebooted, it froze because
SElinux complained something about the machine being mandatory, or something
like that. I didn't write down the error message. The boot process froze
pretty much right away.

I ultimately had to use the rescue CD in order to boot FC6 and go searching
for a way to get rid of the problem. I ultimately found the /etc/selinux/config
file and disabled selinux.

While I should ultimately have SElinux running, it seems that the FC6 install
set up the system so that it will not work. Is this a bug in the FC6 upgrade?

It's probably an upgrade bug in FC6 installer.

First thing I would check is if there's anything in /etc/selinux that
got created with extension .rpmnew (check timestamps to make sure
.rpmnew files are newer than config files, there's probability some of
them were from FC2 updates). Probably most important will be policy.18
and file_contexts files. If there is, just move them into place (for
example mv policy.18 policy.18.orig followed by mv policy.18.rpmnew

When you are done with that, you should try re-enabling selinux in the
configuration file, than create /.autorelabel (touch /.autorelabel) and
reboot. This will cause /etc/rc.sysinit to recreate SELinux labels
early in the boot process (hopefull before everything freezes). If it
freezes before it gets to relabeling, try putting SELinux into
permissive mode (in the configuration file), make sure /.autorelabel is
there and reboot. When it's done try going back into enforcing mode.

Hopefully this will help.

redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe