FC5 yum error for selinux -policy-targeted

Jim Cornette fct-cornette at insight.rr.com
Wed Jan 4 22:28:32 UTC 2006


Tom London wrote:
> On 1/4/06, Jim Cornette <fct-cornette at insight.rr.com> wrote:
> 
>>Tom London wrote:
>>
>>>On 1/3/06, Darwin H. Webb <thethirddoorontheleft at verizon.net> wrote:
>>>
>>>
>>>>Doug Henderson wrote:
>>>>
>>>>
>>>>>On my FC5 rawhide box, I am getting the following message
>>>>>
>>>>>Updating  : selinux-policy-targeted      ####################### [20/58]
>>>>>libsemanage.parse_module_headers: Data did not represent a module.
>>>>>Failed!
>>>>>
>>>>
>>>>>from yum when updating to :
>>>>
>>>>>selinux-policy-targeted noarch  2.1.6-22  development       459 k
>>>>>
>>>>>IIRC this message has appeared with previous updates.
>>>>>
>>>>
>>>>What was your recovery process for this error?
>>>>I rebooted to get the new 1808 kernel and the screen rolded by hundreds
>>>>of SELinux messages,
>>>>dropped me into a recove user mode or reboot.
>>>>It said setenforce 0 had be set
>>>>I tried to fixfiles relabel and touch ./autorelabel
>>>>but the f/s were mounted ro  (all were LVM except /boot)
>>>>Ctrl-D only rebooted
>>>>I tried setenforce 1 on the boot line
>>>>
>>>>Didn't know what else to try.
>>>>I only had this installed for 2 days.
>>>>
>>>>Darwin
>>>>
>>>
>>>see: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176839
>>>
>>>--
>>>Tom London
>>>
>>
>>Before relabeling, I could boot. After relabeling and booted into
>>kernel-2.6.14-1.1808_FC5 in single and with selinux=0 given as a
>>parameter, I could install all but a few packages that conflict with
>>kdeutils.
>>After relabeling and rebooting, I could not boot regularly or with
>>selinux=0 given as a parameter. I was dropped to a maintenence shell.
>>I am able to boot with kernel-2.6.14-1.1806_FC5 and with selinux=0 given
>>as a parameter.
>>
>>I am unsure if this is kernel or SELinux related.
>>
>>Jim
>>
> 
> Did you update libsetrans (or disable translations) as described in
> the above bugzilla?
> 
> tom
> --
> Tom London
> 

I did not  disable anything because the system was half working before I 
   booted with selinux=0 into single and relabeled. (Mostly granted 
instead of denied messages.
Attached is an excerpt from system mail that I received awhile after 
encountering the problem.
libsetrans-0.1.13-1 is presently installed.

--------------------- Selinux Audit Begin ------------------------

  *** Denials ***
     system_u system_u (blk_file): 13 times
     system_u system_u (chr_file): 35 times
     system_u system_u (dir): 14 times
     system_u system_u (file): 49 times
     system_u system_u (lnk_file): 2 times
     system_u system_u (sock_file): 4 times


  *** Grants ***
     system_u system_u (process): 4 times
     system_u system_u (security): 1 times

   Number of audit daemon starts: 3

   Number of audit daemon stops: 3

  **Unmatched Entries**
   audit(1136348711.616:239):  path="/dev/console"
   audit(1136348711.616:239):  cwd="/"
   audit(1136348711.616:239): item=0 name="/sbin/auditctl" flags=101
   audit(1136348711.616:239): item=1 flags=101
   audit(1136348711.620:240):  cwd="/"
   audit(1136348711.620:240): item=0 name="/etc/ld.so.cache" flags=101
   audit(1136348711.620:241):  path="/etc/ld.so.cache"
   audit(1136348711.624:242):  path="/dev/null"
   audit(1136348711.628:243):  path="/dev/null"

  ---------------------- Selinux Audit End -------------------------

Jim




More information about the fedora-test-list mailing list