Bug 845194
| Summary: | SELinux: unable to find usable policy file: No such file or directory | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Richard W.M. Jones <rjones> |
| Component: | systemd | Assignee: | systemd-maint |
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 18 | CC: | chepioq, dominick.grift, dwalsh, hdegoede, i, johannbg, kchamart, lnykryn, lpoetter, madko, metherid, mgrepl, midgoon, msekleta, notting, plautrba, public.oss, systemd-maint, vpavlin, xset1980 |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-10-07 22:45:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Richard W.M. Jones
2012-08-02 08:01:50 UTC
$ ls /etc/selinux/*/policy/* /etc/selinux/targeted/policy/policy.27 How do we know what policy version it is looking for? Ideally it should print the min/max values in the error message. The message you are seeing is actually a systemd bug. systemd in the initrd is looking for selinux-policy and failing to find it since it is not in the initrd. We have had other SELinux issues with the current systemd. According to Adam Williamson these seem to be fixed with the current selinux-policy. selinux-policy-3.11.1-0.fc18.noarch Re-opening as I'm still seeing this message on boot, even after upgrading systemd to systemd-189-2.fc18.x86_64 and regenerating my initrd. Note I don't see any adverse effects from the message, but the message in itself is ugly, and should not be there IMHO. I guess the component should be changed to ... systemd? dracut? Seen on F18 Live alpha TC5 to RC3 Fixed in git. Soon in F18. If you want to get rid of the error after install you have to ( as always to get rid of those grub errors ) reinstall grub ( grub2-install /dev/sdX ) and regenerate the grub config ( grub2-mkconfig -o /boot/grub2/grub.cfg ) Nah, "dracut -f" should suffice. after installing the new systemd this will rebuild the initrd and include the new systemd version in it. Install alpha then run dracut -f and see if your theory works ;) Please report this on upstream to solve. I try Alpha 3.1 and continue it. systemd-190-1.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/systemd-190-1.fc18 *** Bug 859299 has been marked as a duplicate of this bug. *** boot for me on F18 Alpha KDE, but show a error message. (In reply to comment #11) > Please report this on upstream to solve. I try Alpha 3.1 and continue it. same here Alvaro Regards, syn kernel-3.6.0-0.rc6.git0.2.fc18.i686 systemd-188-3.fc18.i686 selinux-policy-3.11.1-21.fc18.noarch Boot but show a error message when selinux is enabled. If a disabled from /etc/selinux/config no show more errors. F18 Alpha KDE. The error message is: "SELinux: unable to find usable policy file: No such file or directory" Reported with screenshot at https://bugzilla.redhat.com/show_bug.cgi?id=859299 Package systemd-191-2.fc18, rtkit-0.11-3.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing systemd-191-2.fc18 rtkit-0.11-3.fc18' as soon as you are able to, then reboot. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-14581/rtkit-0.11-3.fc18,systemd-191-2.fc18 then log in and leave karma (feedback). I use F18 updated from an F17, I have selinux disabled and package systemd-191-2.fc18 rtkit-0.11-3.fc18 installed, and I have the error message "SELinux: unable to find usable policy files: No such file or directory" on boot... I also rebuilt my initramfs over the weekend on a completely up to date Fedora 18 system, and still see this error message. (In reply to comment #19) > I also rebuilt my initramfs over the weekend on a completely > up to date Fedora 18 system, and still see this error message. Hmm, it works for me, what do you have in /etc/sysconfig/selinux ? I have: SELINUX=enforcing SELINUXTYPE=targeted SETLOCALDEFS=0 On this machine I'm running permissive at the moment, because of libvirt problems ... $ cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=permissive # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted (In reply to comment #18) > I use F18 updated from an F17, I have selinux disabled and package > systemd-191-2.fc18 rtkit-0.11-3.fc18 installed, and I have the error message > "SELinux: unable to find usable policy files: No such file or directory" on > boot... You need to rebuild the initrd before the msg goes away. Use "dracut -f" which will rebuild the initrd for the current kernel. (In reply to comment #22) > (In reply to comment #18) > > I use F18 updated from an F17, I have selinux disabled and package > > systemd-191-2.fc18 rtkit-0.11-3.fc18 installed, and I have the error message > > "SELinux: unable to find usable policy files: No such file or directory" on > > boot... > > You need to rebuild the initrd before the msg goes away. Use "dracut -f" > which will rebuild the initrd for the current kernel. Ok lennart, I do dradut -f, and after reboot I have no warninr message "SELinux: unable to find usable policy files: No such file or directory". Thank. So, if dracut -f fix the bug, is not a good idea make some script into rpm update for run dracut -f after install the new systemd and not show any message error? (In reply to comment #24) > So, if dracut -f fix the bug, is not a good idea make some script into rpm > update for run dracut -f after install the new systemd and not show any > message error? Well, we currently rebuild dracut only if the kernel changes, but not otherwise. If you think it should be rebuilt on other occasions too, then please file a bug against dracut, for discussion in the dracut context. (In reply to comment #25) > (In reply to comment #24) > > So, if dracut -f fix the bug, is not a good idea make some script into rpm > > update for run dracut -f after install the new systemd and not show any > > message error? > > Well, we currently rebuild dracut only if the kernel changes, but not > otherwise. If you think it should be rebuilt on other occasions too, then > please file a bug against dracut, for discussion in the dracut context. @Lennart Poettering, dracut -f no fix the bug on Fedora 18 KDE Alpha up to date. The same error is showing after initrd is loaded: " SELinux: unable to find usable policy file: No such file or directory" Package glibc-2.16-17.fc18, systemd-192-1.fc18, selinux-policy-3.11.1-23.fc18, rtkit-0.11-3.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing glibc-2.16-17.fc18 systemd-192-1.fc18 selinux-policy-3.11.1-23.fc18 rtkit-0.11-3.fc18' as soon as you are able to, then reboot. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-14581/selinux-policy-3.11.1-23.fc18,rtkit-0.11-3.fc18,systemd-192-1.fc18,glibc-2.16-17.fc18 then log in and leave karma (feedback). Package glibc-2.16-17.fc18, rtkit-0.11-3.fc18, systemd-193-1.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing glibc-2.16-17.fc18 rtkit-0.11-3.fc18 systemd-193-1.fc18' as soon as you are able to, then reboot. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-14581/rtkit-0.11-3.fc18,systemd-193-1.fc18,glibc-2.16-17.fc18 then log in and leave karma (feedback). |