FC2T2 Upgrade & SELinux

Efthym efthym at gmx.net
Tue Mar 30 09:31:41 UTC 2004 

Just finished the upgrade. Unfortunately the installation process didn't 
do anything with SELinux (since it wasn't previously installed). I'm not 
sure if this is how it should be since FC2T2 is supposed to test SELinux.
And by the way no problems from the CDs (downloaded with torrent) on an 
IBM T21.

I installed it manually afterwards following directions from another post :

checkpolicy, policy, policy-sources, policycoreutils
reboot
(lots of denied msgs)
fixfiles relabel
reboot

dmesg shows :

Linux version 2.6.3-2.1.253.2.1 (bhcompile at tweety.devel.redhat.com) (gcc 
version 3.3.3 20040216 (Red Hat Linux 3.3.3-2.1)) #1 Fri Mar 12 14:01:55 
EST 2004
<snip>
Security Scaffold v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
There is already a security framework initialized, register_security 
failed.
Failure registering capabilities with the kernel
selinux_register_security:  Registering secondary module capability
Capability LSM initialized
<snip>
Freeing unused kernel memory: 148k freed
security:  3 users, 5 roles, 1166 types
security:  30 classes, 261889 rules
SELinux:  Completing initialization.
SELinux:  Setting up existing superblocks.
SELinux: initialized (dev , type selinuxfs), uses genfs_contexts
SELinux: initialized (dev hda2, type ext3), uses xattr
SELinux: initialized (dev ram0, type ext2), uses xattr
SELinux: initialized (dev , type hugetlbfs), not configured for labeling
SELinux: initialized (dev , type devpts), uses transition SIDs
SELinux: initialized (dev , type eventpollfs), uses genfs_contexts
SELinux: initialized (dev , type pipefs), uses task SIDs
SELinux: initialized (dev , type tmpfs), uses transition SIDs
SELinux: initialized (dev , type futexfs), uses genfs_contexts
SELinux: initialized (dev , type sockfs), uses task SIDs
SELinux: initialized (dev , type proc), uses genfs_contexts
SELinux: initialized (dev , type bdev), uses genfs_contexts
SELinux: initialized (dev , type rootfs), uses genfs_contexts
SELinux: initialized (dev , type sysfs), uses genfs_contexts

Shouldn't the system start in enforcing mode now ? Or do I have to set 
SELINUX=enforcing in /etc/sysconfig/selinux first?
I guess its time to start reading up on SELinux ...


On Mon, 29 Mar 2004 19:05:33 -0500, Efthym <efthym at gmx.net> wrote:

> I've got FC2 test1 with all updates installed (including xorg).
> I'm doing a backup now (just in case) and I think I'll try the upgrade 
> just for kicks.
> I'll post the results later.
>
>
> On Mon, 29 Mar 2004 18:21:30 -0500, Gene C. <czar at czarc.net> wrote:
>
>> On Monday 29 March 2004 17:53, Efthym wrote:
>>> I read in a previous posting that upgrading to T2 through yum will not
>>> enforce the SELinux policies. Does this apply to upgrading through the
>>> iso's as well ? Do I have to do a clean install to use SELinux ?
>>
>> I would recommend a clean install.  The differences (especialy relating 
>> to
>> selinux) between Test1 and Test2 are significant and very easily 
>> screwed up.
>> In addition, there is the whole business of Xfree86 -> xorg-x11 adds 
>> more
>> complexity.
>
>
>

More information about the fedora-test-list mailing list