Bug 164702 - Setting selinux-policy-strict disables services
Summary: Setting selinux-policy-strict disables services
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-strict
Version: 4
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
: 164703 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2005-07-30 16:43 UTC by J. William Cupp
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-08-25 19:44:31 UTC

Attachments (Terms of Use)

Description J. William Cupp 2005-07-30 16:43:20 UTC
From Bugzilla Helper:
User-Agent: Opera/8.02 (Windows NT 5.1; U; en)

Description of problem:
Upon installation of Fedora Core 4, a problem I previously had with FC3 has 
grown much worse.  Formerly, ntpd would not run.  Now, many services do not run, 
including (at least) nifd, networks, etc. and many others.  

A work around has been found in setting SELinux policy to "permissive" rather 
than "enforced."   When "enforced" is used, the FC4 installation is basically 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.  Set SELinux policy to "enforced".
2.  Reboot

Additional info:

When policy is "enforced" the boot up text screen shows many services that 
report FAILED on start up.  Generally, the error message reveals file 
permissions are denied, such as to file 'libc.so.6' or other shared object 

The screen scrolls by much too fast to read it in detail.  If there was a means 
to pipe this text scroll to a log file, I'd like to do so and submit it as an 
addendum to this bug report.  (Anybody want to help me learn how to do this?)

Comment 1 Daniel Walsh 2005-08-01 13:30:14 UTC
Are you running with selinux-policy-strict?  What are you seeing for avc
messages in /var/log/audit/audit.log or /var/log/messages?

You try to relabel the system with the following command

touch /.autorelabel

Comment 2 Daniel Walsh 2005-08-01 13:31:04 UTC
*** Bug 164703 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.