Bug 769859
| Summary: | selinux-policy-* packages seem to be testing SELinux status incorrectly | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | jcpunk | ||||
| Component: | selinux-policy | Assignee: | Michal Trunecka <mtruneck> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Michal Trunecka <mtruneck> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 6.2 | CC: | ajb, Colin.Simpson, dwalsh, ebenes, mishu, mmalik, mtruneck, toracat | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | selinux-policy-3.7.19-132.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-06-20 12:30:14 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
I can confirm this bug. Fixed in selinux-policy-3.7.19-132.el6 Yes, we discovered this issue after RHEL6.2. Good catch. Thank you. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0780.html |
Created attachment 549206 [details] This patch should fix the issue by removing [ ] from around selinuxenabled Description of problem: When installing an updated selinux-policy-targeted on a system which has selinux disabled, the following error is displayed: SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.24, searching for an older version. SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.24: No such file or directory load_policy: Can't load policy: No such file or directory This error is displayed as the rpm is attempting to run load_policy when a policy cannot be loaded. This can be a confusing error for people who do not have selinux enabled, but are installing each update as it is released. Version-Release number of selected component (if applicable): 3.7.19-126.el6 How reproducible: always Steps to Reproduce: 1. Install a minimal system 2. Ensure getenforce reports 'Disabled' 3. Update selinux-policy-targeted 4. See error produced by the process Actual results: The package installs but an error is produced causing concern where none need be given. Expected results: The package should install without producing an error so that, if in the future selinux is enabled, the system can be up to date. Additional info: the attached patch should resolve the problem