Re: SElinux and FC6



Vidiot wrote:
If this is not the right place to ask this question, please direct me to the
right place.

Yesterday I upgraded from FC2 to FC6. When it rebooted, it froze because
SElinux complained something about the machine being mandatory, or something
like that. I didn't write down the error message. The boot process froze
pretty much right away.

I ultimately had to use the rescue CD in order to boot FC6 and go searching
for a way to get rid of the problem. I ultimately found the /etc/selinux/config
file and disabled selinux.

While I should ultimately have SElinux running, it seems that the FC6 install
set up the system so that it will not work. Is this a bug in the FC6 upgrade?

It's probably an upgrade bug in FC6 installer.

First thing I would check is if there's anything in /etc/selinux that
got created with extension .rpmnew (check timestamps to make sure
.rpmnew files are newer than config files, there's probability some of
them were from FC2 updates). Probably most important will be policy.18
and file_contexts files. If there is, just move them into place (for
example mv policy.18 policy.18.orig followed by mv policy.18.rpmnew
policy.18).

When you are done with that, you should try re-enabling selinux in the
configuration file, than create /.autorelabel (touch /.autorelabel) and
reboot. This will cause /etc/rc.sysinit to recreate SELinux labels
early in the boot process (hopefull before everything freezes). If it
freezes before it gets to relabeling, try putting SELinux into
permissive mode (in the configuration file), make sure /.autorelabel is
there and reboot. When it's done try going back into enforcing mode.

Hopefully this will help.

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



Relevant Pages

  • RE: Best way to copy /usr to different partition?
    ... Best way to copy /usr to different partition? ... messages log file and it appears that selinux reported ... it seems that selinux is having problems. ... I suppose I can reboot setting the selinux = 0 and then ...
    (Fedora)
  • Re: How best get rid of SELinux?
    ... This will make sure your files have the right selinux ... label, ... With all due respect Andy, I probably did that 6 or 7 times. ... haven't built an ndiswrapper for just yet, but will reboot and do that. ...
    (Fedora)
  • Re: SELinux revisited
    ... I thought maybe I should give selinux another chance here. ... reboot cycle making me think it was stuck in a loop or something. ... # This file contains the auditctl rules that are loaded ...
    (Fedora)
  • Best way to copy /usr to different partition?
    ... messages log file and it appears that selinux reported ... mounted filesystems. ... it seems that selinux is having problems. ... I suppose I can reboot setting the selinux = 0 and then ...
    (Fedora)
  • RE: Best way to copy /usr to different partition?
    ... Best way to copy /usr to different partition? ... messages log file and it appears that selinux reported ... it seems that selinux is having problems. ... I suppose I can reboot setting the selinux = 0 and then ...
    (Fedora)