FC5 yum error for selinux -policy-targeted
Jim Cornette
fct-cornette at insight.rr.com
Wed Jan 4 22:28:32 UTC 2006
Tom London wrote:
> On 1/4/06, Jim Cornette <fct-cornette at insight.rr.com> wrote:
>
>>Tom London wrote:
>>
>>>On 1/3/06, Darwin H. Webb <thethirddoorontheleft at verizon.net> wrote:
>>>
>>>
>>>>Doug Henderson wrote:
>>>>
>>>>
>>>>>On my FC5 rawhide box, I am getting the following message
>>>>>
>>>>>Updating : selinux-policy-targeted ####################### [20/58]
>>>>>libsemanage.parse_module_headers: Data did not represent a module.
>>>>>Failed!
>>>>>
>>>>
>>>>>from yum when updating to :
>>>>
>>>>>selinux-policy-targeted noarch 2.1.6-22 development 459 k
>>>>>
>>>>>IIRC this message has appeared with previous updates.
>>>>>
>>>>
>>>>What was your recovery process for this error?
>>>>I rebooted to get the new 1808 kernel and the screen rolded by hundreds
>>>>of SELinux messages,
>>>>dropped me into a recove user mode or reboot.
>>>>It said setenforce 0 had be set
>>>>I tried to fixfiles relabel and touch ./autorelabel
>>>>but the f/s were mounted ro (all were LVM except /boot)
>>>>Ctrl-D only rebooted
>>>>I tried setenforce 1 on the boot line
>>>>
>>>>Didn't know what else to try.
>>>>I only had this installed for 2 days.
>>>>
>>>>Darwin
>>>>
>>>
>>>see: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176839
>>>
>>>--
>>>Tom London
>>>
>>
>>Before relabeling, I could boot. After relabeling and booted into
>>kernel-2.6.14-1.1808_FC5 in single and with selinux=0 given as a
>>parameter, I could install all but a few packages that conflict with
>>kdeutils.
>>After relabeling and rebooting, I could not boot regularly or with
>>selinux=0 given as a parameter. I was dropped to a maintenence shell.
>>I am able to boot with kernel-2.6.14-1.1806_FC5 and with selinux=0 given
>>as a parameter.
>>
>>I am unsure if this is kernel or SELinux related.
>>
>>Jim
>>
>
> Did you update libsetrans (or disable translations) as described in
> the above bugzilla?
>
> tom
> --
> Tom London
>
I did not disable anything because the system was half working before I
booted with selinux=0 into single and relabeled. (Mostly granted
instead of denied messages.
Attached is an excerpt from system mail that I received awhile after
encountering the problem.
libsetrans-0.1.13-1 is presently installed.
--------------------- Selinux Audit Begin ------------------------
*** Denials ***
system_u system_u (blk_file): 13 times
system_u system_u (chr_file): 35 times
system_u system_u (dir): 14 times
system_u system_u (file): 49 times
system_u system_u (lnk_file): 2 times
system_u system_u (sock_file): 4 times
*** Grants ***
system_u system_u (process): 4 times
system_u system_u (security): 1 times
Number of audit daemon starts: 3
Number of audit daemon stops: 3
**Unmatched Entries**
audit(1136348711.616:239): path="/dev/console"
audit(1136348711.616:239): cwd="/"
audit(1136348711.616:239): item=0 name="/sbin/auditctl" flags=101
audit(1136348711.616:239): item=1 flags=101
audit(1136348711.620:240): cwd="/"
audit(1136348711.620:240): item=0 name="/etc/ld.so.cache" flags=101
audit(1136348711.620:241): path="/etc/ld.so.cache"
audit(1136348711.624:242): path="/dev/null"
audit(1136348711.628:243): path="/dev/null"
---------------------- Selinux Audit End -------------------------
Jim
More information about the fedora-test-list
mailing list