Bug 1008742 - http://fedoraproject.org/wiki/FedUp missing selinux info
http://fedoraproject.org/wiki/FedUp missing selinux info
Status: CLOSED DUPLICATE of bug 1044541
Product: Fedora Documentation
Classification: Fedora
Component: fedora-websites (Show other bugs)
devel
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Fedora Websites Team
Fedora Websites Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-16 22:11 EDT by Dave Botsch
Modified: 2014-01-07 02:34 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-07 02:34:52 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dave Botsch 2013-09-16 22:11:04 EDT
Description of problem:

One of the pieces that can potentially get messed up after a fedup upgrade is selinux... specifically old modules (not custom, but from a previous install) still hanging around. Which will cause selinux errors to be printed out during upgrades of the selinux-policy-targeted module.

Version-Release number of selected component (if applicable):

not applicable

How reproducible:

unclear what goes wrong during the upgrade to cause this to happen. 

Steps to Reproduce:
1. Install fedora 17
2. Run fedup to 19

Actual results:
tribute entropyd_var_run_t (No such file or directory)

libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory)

Expected results:

No errors :)

Additional info:

After a lot of googling, I came to some old bugzillas such as 511067, which led me to find that after running fedup to f19, I had old selinux targeted policy modules still left over from f17 (and possibly older). For whatever reason, the postinstall script of fedup did not remove the older modules (does fedup run postinstall or require postupgrades -- which would mean the selinux-policy-targeted rpm needs to be fixed -- ).

The solution was quite simple, following what was in the referenced bugzilla:

> #setenforce 0
> #mv /etc/selinux/targeted /etc/selinux/targeted.old
mkdir -p /etc/selinux/targeted # added by me, since without this, the rpm would complain that it could not touch /etc/selinux/targeted/.rebuild -- no such file or directory /etc/selinux/targeted
> #yum reinstall selinux-policy-targeted
> #restorecon -R -v /etc/selinux
> #setenforce 1    

Documenting this on the wiki page would be useful in case others run into it.
Comment 1 Pete Travis 2014-01-07 02:34:52 EST
Fedup documentation is in the Installation Guide, and there is an open bug requesting better coverage of SELinux issues encountered with Fedup; I'm marking this as a duplicate of that bug, because broadly, you're asking for better documentation of Selinux issues encountered with fedup..

The wiki is a wiki. You can edit it.

*** This bug has been marked as a duplicate of bug 1044541 ***

Note You need to log in before you can comment on or make changes to this bug.