Everything got broken. selinux-policy-targeted-1.17.30-2.90
Stephen Smalley
sds at tycho.nsa.gov
Wed Mar 30 17:50:27 UTC 2005
On Wed, 2005-03-30 at 12:20 -0500, Omri Schwarz wrote:
> # rpm -V selinux-policy-targeted
> WARNING: Multiple same specifications for /usr/local/lost\+found(/.*)?.
> WARNING: Multiple same specifications for /usr/local/\.journal.
> S.5....TC c /etc/selinux/targeted/contexts/files/file_contexts
> ..5....T. c /etc/selinux/targeted/policy/policy.18
>
> Both have a cdate of today, the former since I followed the prescription
> to hand edit file_context, and the latter, not so sure.
> I did to into .../src/policy and do a make clean and make load
> (as per FC3 SELinux FAQ to see if I could increase the verbosity of the
> logging).
Yes, those files would be regenerated by the make load in the policy
source directory (or even by installing the policy source package, I
think, as that automatically does a build).
Based on your description, I assume that genhomedircon is picking up
entries from the NIS passwd map that have uids >= 500 and shells other
than /sbin/nologin or /bin/false and that have home directories
under /etc. So the same problem will recur every time you
rebuild/update policy I assume, as it will keep generating these bogus
entries in the new file_contexts file.
--
Stephen Smalley <sds at tycho.nsa.gov>
National Security Agency
More information about the fedora-selinux-list
mailing list