D. D. Brierton wrote:
> Paul F. Johnson wrote:
>>> Any suggestions on what to do? >>> >>> I know I can boot with selinux=0. After that, what? Attempt to >>> reinstall selinux? > > > > Yep. > > Have a look in /var/cache/yum/base/packages for the versions of > selinux. Find the one before the one you installed > sudo yum --oldpackage -Uhv selinux-policy-targeted<version>
> Thanks, Paul. I assume you meant "rpm" there, not "yum".
> But won't I have a problem if I re-install selinux with selinux > switched off? I mean, won't the files get created without the selinux > extra attributes on them? How do I get selinux to reset the > permissions when I reboot with selinux back on?
> Plus, was I the only one who had this problem? No one else seems to > have had a problem so I assume the updated package wasn't simply > borked.
Don't know if it's the same problem, but I found after updating selinux-policy-targeted via up2date about half an hour ago that I suddenly was unable to start any programs. I'm now only able to boot with enforce=0 or selinux=0 (I have tried touch /.autorelabel).
Possibly relevant stuff:
from /var/log/messages:
Jun 27 18:19:51 localhost kernel: audit(1119896346.517:0): avc: denied { execmod } for pid=1 comm=init path=/lib/tls/libc-2.3.5.so dev=hda3 ino=2436457 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t tclass=file
Jun 27 18:19:51 localhost kernel: audit(1119896346.517:0): avc: denied { execmod } for pid=1 comm=init path=/lib/ld-2.3.5.so dev=hda3 ino=2436456 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:ld_so_t tclass=file
# /usr/sbin/getsebool allow_execmod allow_execmod --> active # rpm -q selinux-policy-targeted selinux-policy-targeted-1.17.30-3.13 # uname -r 2.6.11-1.14_FC3
Will try rolling back when I have more time.
-- imalone
