Bug 1008742

Summary: http://fedoraproject.org/wiki/FedUp missing selinux info
Product: [Retired] Fedora Documentation Reporter: Dave Botsch <botsch>
Component: fedora-websitesAssignee: Fedora Websites Team <web-members>
Status: CLOSED DUPLICATE QA Contact: Fedora Websites Team <web-members>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: develCC: me, nman64, web-members
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-07 07:34:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dave Botsch 2013-09-17 02:11:04 UTC 
Description of problem:

One of the pieces that can potentially get messed up after a fedup upgrade is selinux... specifically old modules (not custom, but from a previous install) still hanging around. Which will cause selinux errors to be printed out during upgrades of the selinux-policy-targeted module.

Version-Release number of selected component (if applicable):

not applicable

How reproducible:

unclear what goes wrong during the upgrade to cause this to happen. 

Steps to Reproduce:
1. Install fedora 17
2. Run fedup to 19

Actual results:
tribute entropyd_var_run_t (No such file or directory)

libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory)

Expected results:

No errors :)

Additional info:

After a lot of googling, I came to some old bugzillas such as 511067, which led me to find that after running fedup to f19, I had old selinux targeted policy modules still left over from f17 (and possibly older). For whatever reason, the postinstall script of fedup did not remove the older modules (does fedup run postinstall or require postupgrades -- which would mean the selinux-policy-targeted rpm needs to be fixed -- ).

The solution was quite simple, following what was in the referenced bugzilla:

> #setenforce 0
> #mv /etc/selinux/targeted /etc/selinux/targeted.old
mkdir -p /etc/selinux/targeted # added by me, since without this, the rpm would complain that it could not touch /etc/selinux/targeted/.rebuild -- no such file or directory /etc/selinux/targeted
> #yum reinstall selinux-policy-targeted
> #restorecon -R -v /etc/selinux
> #setenforce 1    

Documenting this on the wiki page would be useful in case others run into it.
Comment 1 Pete Travis 2014-01-07 07:34:52 UTC 
Fedup documentation is in the Installation Guide, and there is an open bug requesting better coverage of SELinux issues encountered with Fedup; I'm marking this as a duplicate of that bug, because broadly, you're asking for better documentation of Selinux issues encountered with fedup..

The wiki is a wiki. You can edit it.

*** This bug has been marked as a duplicate of bug 1044541 ***