Description of problem: When running yum upgrade this morning I got the following error messages: Updating : selinux-policy-targeted ####################### [ 7/16] libsepol.context_from_record: type httpd_nagios_script_exec_t is not defined libsepol.context_from_record: could not create context structure libsepol.context_from_string: could not create context structure libsepol.sepol_context_to_sid: could not convert system_u:object_r:httpd_nagios_script_exec_t:s0 to sid /etc/selinux/targeted/contexts/files/file_contexts: line 270 has invalid context system_u:object_r:httpd_nagios_script_exec_t:s0 libsemanage.semanage_install_active: setfiles returned error code 1. semodule: Failed! Version-Release number of selected component (if applicable): selinux-policy-targeted-2.4.6-88.fc6
Yeah... This is a very BAD update Well, instead of updating I removed selinux-policy, installed 2.4.6-88.fc6, and enforced it. The thing prevents file system checks now :))) So I had to boot with selinux=0.
What do you mean? You can always boot with enforcing=0, which will maintain your file labeleing? What AVC messages are you seeing that is preventing "file system checks"? SELinux releases on released OS, never add additional lock down (Or at least thats the goal). But sometimes an update of other parts of the system could trigger other SELinux errors, like an update to the kernel. selinux-policy-targeted-2.4.6-94.fc6 Should be showing up in testing.
And in updates now. Thanks (-: