Bug 126814

Summary: updates seem to affect system even if selinux is not active
Product: [Fedora] Fedora Reporter: Michal Jaegermann <michal>
Component: selinux-policy-strictAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-07-26 18:01:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Jaegermann 2004-06-27 17:38:09 UTC 
Description of problem:

Even with 'SELINUX=disabled' in /etc/sysconfig/selinux,
and 'selinux=0' in a boot command for a good measure, if
selinux-policy-strict was installed then updating the package
seems to affect the system.  The most visible to me result is
that after such update one cannot open a new shell either
locally or via ssh.  A reboot clears that condition
(together with everything else, unfortunately).

This is only a guess as nothing gets logged anywhere, AFAICT,
but selinux support seems to be the most likely candidate.
I noticed that effect only recently (last two rawhide updates?).

Version-Release number of selected component (if applicable):
selinux-policy-strict-1.13.10
Comment 1 Daniel Walsh 2004-07-20 15:14:21 UTC 
Are you still seeing this?

Can you run selinuxconfig when it is happening?

Dan
Comment 2 Michal Jaegermann 2004-07-20 15:25:19 UTC 
I am no longer sure that I attributed that correctly.  See bug #127048.
It seemed at the time that selinux was the most likely candidate but
possibly this was a coincidence.  OTOH I cannot exclude that connection
either.

Yes, this is still happening, although I cannot really predict when.
I will try selinuxconfig when this will strike again.
Comment 3 Michal Jaegermann 2004-07-22 20:17:29 UTC 
I got stuck again after the latest round of updates but this does
not seem to a selinux fault because this time around no
selinux-policy packages are installed.

selinuxconfig just prints

selinux state="disabled"
policypath="/etc/selinux/targeted"
default_type_path="/etc/selinux/targeted/contexts/default_type"
default_context_path="/etc/selinux/targeted/contexts/default_contexts"
default_failsafe_context_path="/etc/selinux/targeted/contexts/failsafe_context"
binary_policy_path="/etc/selinux/targeted/policy/policy"
user_contexts_path="/etc/selinux/targeted/contexts/users/"
contexts_path="/etc/selinux/targeted/contexts"

but otherwise does not have any effect.  More details in comments
to bug #127048.
Comment 4 Daniel Walsh 2004-07-26 18:01:31 UTC 
Ok I am going to close this bug and allow the other to move forward.