Bug 119522
| Summary: | "invalid context" for default "fixfiles relabel" | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | John Reiser <jreiser> |
| Component: | policycoreutils | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Ben Levenson <benl> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | pgraner |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-02-09 18:55:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 122683 | ||
You need to reload the policy before the fixfiles. /usr/sbin/load_policy /etc/security/selinux/policy.15 Or make -c /etc/security/selinux/src/policy load RPM does not currently load the policy after install. You do not need to disable selinux, you should be able to put it in non-enforcing mode. Policy has been update to automatically load so this problem should go away. policy-1.9.2-1 Dan Fixed in current release |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040312 Description of problem: Default install of FC2test2 (Software Development Workstation) would not boot successfully with [default] SELINUX=enforcing in /etc/sysconfig/selinux. I changed to SELINUX=disabled, booted successfully (including 'firstboot' one-time setup), up2date all packages (except: esound, esound-devel, fedora-logos, gimp, gstreamer, libdv; which give dependency errors), change back to SELINUX=enforcing, and try to run "fixfiles relabel" before rebooting. This fails with multiple "invalid context" complaints. Version-Release number of selected component (if applicable): policycoreutils-1.9-16 How reproducible: Didn't try Steps to Reproduce: 1.Default install FC2test2 Software Development Workstation (sets SELINUX=enforcing). Pentium4, ASUS mobo, 2001 BIOS, ide disks, ide DVD and CD-R, PS/2 keyboard, USB mouse [very "vanilla".] 2.Attempt to boot [fails with console spewing SELinux complaints.] 3.Set SELINUX=disabled, boot, up2date, set SELINUX=enforcing, run "fixfiles relabel". Actual Results: /usr/sbin/setfiles: read 1345 specifications Cleaning out /tmp /usr/sbin/setfiles: invalid context system_u:object_r:default_t on line number 39 /usr/sbin/setfiles: invalid context system_u:object_r:root_t on line number 44 /usr/sbin/setfiles: invalid context system_u:object_r:home_root_t on line number 53 /usr/sbin/setfiles: invalid context system_u:object_r:home_root_t on line number 54 /usr/sbin/setfiles: invalid context system_u:object_r:user_home_dir_t on line number 55 /usr/sbin/setfiles: invalid context system_u:object_r:user_home_dir_t on line number 56 /usr/sbin/setfiles: invalid context system_u:object_r:user_home_t on line number 57 /usr/sbin/setfiles: invalid context system_u:object_r:user_home_t on line number 58 /usr/sbin/setfiles: invalid context system_u:object_r:mnt_t on line number 62 /usr/sbin/setfiles: invalid context system_u:object_r:var_t on line number 67 Exiting after 10 errors. Expected Results: 1. Successful boot after default install of Software Development Workstation with SELINUX=enforcing on vanilla box. 2. Successful execution of "fixfiles relabel" in default install. Additional info: