Red Hat Bugzilla – Bug 186741
serefpolicy 20060323 (2.2.26-1) is locking kernel?
Last modified: 2007-11-30 17:11:28 EST
Description of problem:
Modular policy (serefpolicy) seems to be broken, because when updated to 2.2.26
once, I can't switch to any other policy (even no downgrade) without rebooting
the whole system.
Error when trying to downgrade to 2.2.24:
/usr/sbin/load_policy: Can't load policy: Invalid argument
libsemanage.semanage_reload_policy: load_policy returned error code 2.
support/loadable_module.spt?r1=1.14&r2=1.15 seems to work around the problem.
Erich from Freenode #selinux already sent a testcase to Stephen, but he didn't
answer yet. This is maybe a kernel bug, because the policy is correct, but the
kernel seems to be locked up avoiding to apply a new policy - which only works
during a reboot (for the moment).
Version-Release number of selected component (if applicable):
Everytime, see above.
Broken stuff as described above.
Working like in the past ;-)
There are thousands of avc denieds in my syslog (nearly everything is claimed),
because of this...and would be very nice to get master of the situation in a
sane way very soon.
Fixed by updates to libsemanage-1.6.2-2