Recent changes to libselinux return selinux == enabled on systems which never
used selinux and do not have any selinux tools or configuration for it.
The D-Bus daemon fails to start with:
dbus-daemon: Failed to set up security class mapping
dbus: [system] SELinux enabled but D-Bus initialization failed;
check system log
It might be caused by:
Please return to the former behavior or fine-tune the check.
must not return true, when it is not even possible to enable selinux on the machine, but only libselinux is installed by dependencies. Thanks!
The policy type is set to targeted and the mode is set to permissive when a system is running with SELinux enabled kernel (Fedora default) without /etc/selinux/config file or when there's no SELinux kernel command line option.
If you don't use SELinux, use 'selinux=0' on kernel command line or 'SELINUX=disabled' in /etc/selinux/config
libselinux will be adjusted to check of existence of /etc/selinux/config file, see . If there's /etc/selinux/config file, it's expected that at least selinux-policy is installed and SELinux is considered as enabled. Without /etc/selinux/config file, is_selinux_enabled() will return false.
It's still recommended to use selinux=0 in kernel command line or SELINUX=disabled in /etc/selinux/config when users don't want to use any SELinux policy. It would stop all of the SELinux hook call overhead in the kernel.
libselinux-2.3-10.fc22 has been submitted as an update for Fedora 22.
libselinux-2.3-10.fc21 has been submitted as an update for Fedora 21.
* should fix your issue,
* was pushed to the Fedora 22 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing libselinux-2.3-10.fc22'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
libselinux-2.3-10.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
This change caused a major problem for 23 / Rawhide: since it landed, fresh Rawhide installs from traditional installer images (i.e. boot.iso) are completely broken. See https://bugzilla.redhat.com/show_bug.cgi?id=1243168 .
libselinux-2.3-10.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.