Tom London wrote:
On 12/16/05, Daniel J Walsh dwalsh@redhat.com wrote:
Stephen Smalley wrote:
On Fri, 2005-12-16 at 07:34 -0800, Tom London wrote:
running today's policy, have boot/network problems.
Fixed boot problems by turning off hplip/cups.
Appears more 'netif' work is needed:
Dan removed what he thought were obsolete initial SIDs from the policy, but you can't do that without rebuilding the kernel to match. Thus, rawhide policy is busted, revert and reboot and wait for an update.
Fixed policy is on ftp://people.redhat.com/dwalsh/SELinux/Fedora
Uhh... get the following messages with 'yum --enablerepo=dwalsh update selinux-policy-targeted'. Do I need the updated libsepol, etc. too?
tom
(1/1): selinux-policy-tar 100% |=========================| 235 kB 00:00 Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Updating : selinux-policy-targeted ######################### [1/2] libsepol.mls_from_string: invalid MLS context s0) libsepol.mls_from_string: could not construct mls context structure libsepol.context_from_record: could not create context structure libsepol.context_from_string: could not create context structure libsepol.sepol_context_to_sid: could not convert system_u:object_r:var_run_t:s0) to sid /etc/selinux/targeted/contexts/files/file_contexts: line 808 has invalid context system_u:object_r:var_run_t:s0) libsemanage.semanage_install_active: setfiles returned error code 1. Failed! Cleanup : selinux-policy-targeted ######################### [2/2]
Updated: selinux-policy-targeted.noarch 0:2.1.6-6 Complete!
-- Tom London
Could you try semodule -b /usr/share/selinux/targeted/base.pp
See if the previous error is just caused by the bad policy.
Dan