Bug 437665 - After installing selinux-policy-targeted there's no policy.21 file in /etc/selinux/targeted/policy
After installing selinux-policy-targeted there's no policy.21 file in /etc/se...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
rawhide
i386 Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-03-15 18:44 EDT by Adrian "Adi1981" P.
Modified: 2008-03-17 09:07 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-17 09:07:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adrian "Adi1981" P. 2008-03-15 18:44:02 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080214 Fedora/1.1.8-4.fc9 SeaMonkey/1.1.8

Description of problem:
After installing selinux-policy-targeted, I don't have policy.21 file in /etc/selinux/targeted/policy, and because of this after switching to targeted policy and rebooting the system, kernel complains with error something like:  "There is no policy file <= policy.22 in /etc/selinux/targeted/policy/ directory. Halting now". System of course won't boot. Problem occured few week ago, and probably (but not sure for 100%) it can be related to my actions done then. Few weeks ago I've installed seedit, and have converted targeted policy into seedit's one. On seedit policy there was no problem with booting, but after trying to switch back to targeted policy I got above error. Also from what i noticed:
[root@pc Pobrane]# rpm -e selinux-policy-targeted
[root@pc Pobrane]# rpm -ivh selinux-policy-targeted-3.3.1-20.fc9.noarch.rpm
Przygotowywanie...          ########################################### [100%]
   1:selinux-policy-targeted########################################### [100%]
[root@pc Pobrane]# rpm -ql selinux-policy-targeted |grep policy.21
/etc/selinux/targeted/policy/policy.21
[root@pc Pobrane]# rpm -ql selinux-policy-targeted |grep file_contexts
/etc/selinux/targeted/contexts/files/file_contexts
/etc/selinux/targeted/contexts/files/file_contexts.homedirs

rpm -ql shows that there is policy.21 file, the same situation with file_contexts, but after install:

[root@pc Pobrane]# ls -lA /etc/selinux/targeted/policy/
razem 0
[root@pc Pobrane]# ls -lA /etc/selinux/targeted/contexts/files/
razem 4
-rw-r--r-- 1 root root 139 mar 14 22:19 media
[root@pc Pobrane]

shows that there are no such files. Also viewing selinux-policy-targeted rpm contents in CONTENTS.cpio didn't show those files at all.
[root@pc Pobrane]# uname -r
2.6.23.15-137.fc8
But the same is with rawhide's kernels
[root@pc Pobrane]# rpm -q kernel
kernel-2.6.23.15-137.fc8.i686
kernel-2.6.25-0.113.rc5.git2.fc9.i686
[root@pc Pobrane]#
I don't know if it'll be important, but i don't have xorg-\* from rawhide, rest of the system is updated every day. 3rd party repo is only livna-devel.

On 

Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
Not sure for 100% if it was exactly those steps, but
1. yum install seedit\*
2. In seedit-gui generate policy probably from file /etc/selinux/targeted/policy/policy.21
3. switch to seedit policy && touch /.autorelabel && reboot
4. try to roll back to targeted policy

Actual Results:
Kernel ooops, see above error msg.

Expected Results:
System should boot with selinux targeted policy on.

Additional info:
Comment 1 Adrian "Adi1981" P. 2008-03-15 18:47:02 EDT
Of course installing directly via rpm is only done to demonstrate that it's new
install. The same thing is happening when installing via yum.
Comment 2 Daniel Walsh 2008-03-17 09:07:20 EDT
Please remove seedit policy.  selinux-policy and seedit can not exist on the
same machine at the same time.

rpm -e seedit

Then rebuild policy


Note You need to log in before you can comment on or make changes to this bug.