Description of problem: Several packages run fixfiles in their %post script and the script failes when selinux is disabled, p.e.: Installier: glpi ################### [2891/6284] semodule: SELinux policy is not managed or store cannot be accessed. cut: Schreibfehler: Datenübergabe unterbrochen (broken pipe) Version-Release number of selected component (if applicable): policycoreutils-2.0.46-2.fc9.i386
The problem here is the glpi spec file is not checking if SELinux is installed. It should be using semodule -s targeted glpi.pp You don't need to install a Policy Package for this either. semanage fcontext could be used. /etc/glpi(/.*)? root:object_r:httpd_sys_content_t:s0 /var/log/glpi(/.*)? system_u:object_r:httpd_sys_content_t:s0 /var/lib/glpi(/.*)? system_u:object_r:httpd_sys_content_t:s0 This would be better if you specified. /etc/glpi(/.*)? system_u:object_r:httpd_sys_content_t:s0 /var/log/glpi(/.*)? system_u:object_r:httpd_sys_script_rw_t:s0 Do the php scripts actually read/write this directory or could you label it httpd_log_t? /var/lib/glpi(/.*)? system_u:object_r:httpd_sys_script_rw_t:s0
@daniel, thanks Next release will use semanage fcontext.