Created attachment 451852 [details] Setrouble screencap Description of problem: Selinux is disabled Version-Release number of selected component (if applicable): rpm -qa setrouble\* setroubleshoot-2.2.99-1.fc13.x86_64 setroubleshoot-plugins-2.1.61-1.fc13.noarch setroubleshoot-server-2.2.99-1.fc13.x86_64 How reproducible: Same on my bare metal and two KVM F13's Steps to Reproduce: 1. No idea what caused it. Actual results: Disabled, with no method to change to enforcing. Expected results: Enforcing Additional info:
This is showing you the current mode of the system. The only way to change it is to reboot the machine.
Reboots haven't helped, it syays on disabled. the F14's don't have any greyed out out section.
Created attachment 451892 [details] dmesg After another reboot it looks like there is no "dracut:selinux line" rpm -q kernel-debug kernel-debug-2.6.34.7-56.fc13.x86_64 kernel-debug-2.6.34.7-58.fc13.x86_64 kernel-debug-2.6.34.7-59.fc13.x86_64
First lets try to reinstall selinux-policy-targeted # yum reinstall selinux-policy-targeted Do you see any errors? If you execute # load_policy Do you see any errors?
(In reply to comment #4) > First lets try to reinstall selinux-policy-targeted > > # yum reinstall selinux-policy-targeted > > Do you see any errors? No > > If you execute > > # load_policy > > Do you see any errors? yes: load_policy SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.24, searching for an older version. SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.24: No such file or directory load_policy: Can't load policy file /etc/selinux/targeted/policy/policy.-1: No such file or directory rpm -qa selinux-policy\* selinux-policy-targeted-3.7.19-64.fc13.noarch selinux-policy-doc-3.7.19-64.fc13.noarch selinux-policy-3.7.19-64.fc13.noarch
What happens if you reboot now?
Sill disabled 2 reboots on this box. Will start downgrade selinux\* to see if I find where it started.
Downgrading to: selinux-policy-doc-3.7.19-62.fc13.noarch selinux-policy-3.7.19-62.fc13.noarch selinux-policy-targeted-3.7.19-62.fc13.noarch has fixed the disabled\greyed out problem. sealert will also now open a gui. Which could mean a problem with: selinux-policy-3.7.19-64.fc13 ?
Frank, if you now upgrade back to -64 release, is the problem back again?
(In reply to comment #9) > Frank, > if you now upgrade back to -64 release, is the problem back again? Just done. problem back. No reboot involved. Just update and disabled.
More: After reboot still disabled. But can be made go enforcing by running: su - load_policy -qi So -64 appears not to autoload policy?
So you ran load_policy -qi and now it works fine.
(In reply to comment #12) > So you ran > > load_policy -qi > > and now it works fine. Until the next reboot reboot == start disabled
Are you running the latest F13 kernel? Do you see any errors about loading policy in the boot logs?
Created attachment 452112 [details] boot log No errors latest kernel-debug to test
I'm guessing you are running dracut -055-4 (I also assume you are using updates-testing?) update to dracut-005-5.fc13 and rebuild all of your initrd (I don't know the dracut magic)
(In reply to comment #16) > update to dracut-005-5.fc13 and rebuild all of your initrd (I don't know the > dracut magic) http://people.redhat.com/harald/dracut.html#id330426
(In reply to comment #16) > I'm guessing you are running dracut -055-4 (I also assume you are using > updates-testing?) Yes and yes > > update to dracut-005-5.fc13 and rebuild all of your initrd (I don't know the > dracut magic) will do
dracut-005-5.fc13 fixed it. Just yum localinstall dracut-005-5.fc13, and reboot. No need to manually recreate anything.
(In reply to comment #19) > dracut-005-5.fc13 fixed it. > > Just yum localinstall dracut-005-5.fc13, and reboot. > > No need to manually recreate anything. impossible
Created attachment 452199 [details] New dmesg But is that not normally happens with a new dracut? just reboot, anyhow it's now loading selinux Attached new dmesg for comparison I did nothing extra.
(In reply to comment #20) > (In reply to comment #19) > > dracut-005-5.fc13 fixed it. > > > > Just yum localinstall dracut-005-5.fc13, and reboot. > > > > No need to manually recreate anything. > > impossible Where's the embarrassed smiley thing. yum reinstall kernel
(In reply to comment #22) > (In reply to comment #20) > > (In reply to comment #19) > > > dracut-005-5.fc13 fixed it. > > > > > > Just yum localinstall dracut-005-5.fc13, and reboot. > > > > > > No need to manually recreate anything. > > > > impossible > > Where's the embarrassed smiley thing. > > yum reinstall kernel that does the trick :) so, issue fixed?
dracut-005-5.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/dracut-005-5.fc13
dracut-005-5.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update dracut'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/dracut-005-5.fc13
dracut-005-5.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.