In F13, it appears that the following file contexts are set as part of the base policy: /usr/share/dirsrv(/.*)? system_u:object_r:httpd_sys_content_t:s0 /usr/lib/dirsrv/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_exec_t:s0 These cause conflicts with the dirsrv-admin policy that is provided by 389. Our module labels these with dirsrv specific contexts and extends the httpd policy to allow it to have the proper access. An attempt to install the dirsrv-admin policy on F13 results in this error: /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /usr/lib/dirsrv/cgi-bin(/.*)? (system_u:object_r:httpd_dirsrvadmin_script_exec_t:s0 and system_u:object_r:httpd_sys_script_exec_t:s0). /etc/selinux/targeted/contexts/files/file_contexts: Invalid argument libsemanage.semanage_install_active: setfiles returned error code 1. semodule: Failed! I would like these file labelling rules removed from the base policy to allow the 389 policy module to work properly.
I will remove in next release. Fixed in selinux-policy-3.7.18-1.fc13.noarch
selinux-policy-3.7.19-2.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/selinux-policy-3.7.19-2.fc13
selinux-policy-3.7.19-2.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/selinux-policy-3.7.19-2.fc13
selinux-policy-3.7.19-2.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.