Paul Howarth wrote:
Claude Jones wrote:
On Tuesday June 13 2006 03:58, Paul Howarth wrote:
I believe that the cause of this particular problem is that the FC5
out-of-the-box SELinux policy does not assign the correct context type
to yumex and it does not execute the rpm scriptlets in the correct
SELinux domain as a result, which causes the failures you've seen.
Updating the SELinux packages (and possibly yumex) first using yum
*should* result in a working yumex.
Paul: This is not clear to me - my machine that produced all the
problems over the past days is a fresh install, updated daily over the
past 2 weeks. Yumex and SELinux policies are at current versions from
Core/Updates/Extras - Yumex is ver yumex-1.0.1-1.0.fc5; are you saying
that I should have selectively updated Yumex and SELinux before
running any other updates from day 1?
The FC5 selinux policy itself does not set the correct context for
yumex, which causes scriptlets to fail, which in turn causes lots of
mysterious problems:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186076
It is not safe to use yumex on FC5 with SELinux in enforcing mode until
selinux-policy has been updated to at least 2.2.25-3.fc5.
To answer your question: yes, you need to update selinux-policy using
some method other than yumex before updating anything using yumex.
Paul.
running 'setenforce 0' before running yumex should allow successful
upgrading also. After the initial update, I presume setting SELinux to
permissive would not be needed. Scriptlets should work successfully.
I'm sort of 'gun shy' after past scriptlet failures and set the system
to permissive before updating it. Then I set selnux active again when
updating is completed.
Jim
--
The best diplomat I know is a fully activated phaser bank.
-- Scotty
