[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: failed to customize policy, SELinux won't let me
- From: Stephen Smalley <sds tycho nsa gov>
- To: fedora-selinux-list redhat com
- Subject: Re: failed to customize policy, SELinux won't let me
- Date: Thu, 04 May 2006 07:52:54 -0400
On Wed, 2006-05-03 at 19:25 -0700, Florin Andrei wrote:
> On Wed, 2006-05-03 at 13:19 -0400, Stephen Smalley wrote:
> > On Wed, 2006-05-03 at 10:05 -0700, Florin Andrei wrote:
> > > [root stantz custom]# semodule -i local.pp
> > > libsemanage.semanage_commit_sandbox: Error while
> > > renaming /etc/selinux/targeted/modules/active
> > > to /etc/selinux/targeted/modules/previous.
> > > semodule: Failed!
> > > [root stantz custom]# tail -n 1 /var/log/messages
> > > May 3 10:02:51 stantz kernel: audit(1146675771.487:308): avc: denied
> > > { rename } for pid=3845 comm="semodule" name="active" dev=hda4
> > > ino=2319743 scontext=user_u:system_r:semanage_t:s0
> > > tcontext=user_u:object_r:selinux_config_t:s0 tclass=dir
> >
> > Yes, this has shown up before - it indicates that
> > your /etc/selinux/targeted/modules tree has become mislabeled. Run
> > restorecon -R on it. I think that this has been corrected already in
> > updates?
>
> I rebooted the system and this happened again. :-(
> I did a restorecon again and now it's working fine.
>
> This is not right.
Indeed. Can you provide more details about your system (e.g. filesystem
type) and about the precise steps you use to reproduce the bug?
--
Stephen Smalley
National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]