"Could not change policy booleans"
Paul Howarth
paul at city-fan.org
Thu Jun 14 14:45:28 UTC 2007
Daniel J Walsh wrote:
> Stephen Smalley wrote:
>> On Wed, 2007-06-13 at 14:35 +0100, Paul Howarth wrote:
>>
>>> Stephen Smalley wrote:
>>>
>>>> On Wed, 2007-06-13 at 10:00 +0100, Paul Howarth wrote:
>>>>
>>>>> Daniel J Walsh wrote:
>>>>>
>>>>>> Paul Howarth wrote:
>>>>>>
>>>>>>> Nils Caspar wrote:
>>>>>>>
>>>>>>>>> That should have been solved by an update to dbus in fc6 a
>>>>>>>>> month ago.
>>>>>>>>>
>>>>>>>> What Fedora
>>>>>>>>
>>>>>>>>> release are you running? Are you completely updated?
>>>>>>>>>
>>>>>>>> I'm running a full updated fedora 7.
>>>>>>>>
>>>>>>>>
>>>>>>>>> That should have worked. That should be the correct syntax. Was
>>>>>>>>> there
>>>>>>>>>
>>>>>>>> an avc
>>>>>>>>
>>>>>>>>> associated with trying to set this?
>>>>>>>>>
>>>>>>>> There was no other warning.
>>>>>>>>
>>>>>>>> I have the same problem in an other fedora 7 VM. Maybe it's a
>>>>>>>> fedora 7
>>>>>>>> bug... :(
>>>>>>>>
>>>>>>> I've just hit the same problem on a fresh Fedora 7 install, with
>>>>>>> all released updates.
>>>>>>>
>>>>>>> Paul.
>>>>>>>
>>>>>>> --
>>>>>>> fedora-selinux-list mailing list
>>>>>>> fedora-selinux-list at redhat.com
>>>>>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>>>>>>
>>>>>> Does this fix the problem?
>>>>>>
>>>>>> restorecon -R -v /etc/selinux/targeted
>>>>>>
>>>>> No; there are no AVC denials in the audit log (at least not
>>>>> relating to this...) so I don't think it's an SELinux permissions
>>>>> issue.
>>>>>
>>>>> Updating to the latest selinux package updates from updates-testing
>>>>> hasn't helped either.
>>>>>
>>>> Bug in setsebool (it is actually succeeding, but falling through to the
>>>> error path and thus incorrectly saying that it failed, as a result of a
>>>> "build fix"). Fixed in policycoreutils 2.0.21.
>>>>
>>> Ah, saves me having to put something in an initscript :-)
>>>
>>> FC7 has policycoreutils-2.0.16-5.fc7 (from updates-testing), which
>>> seems a long way behind 2.0.21. Is a fix likely any time soon?
>>>
>>
>> I sent Dan the patch separately as well, in case he wants to just apply
>> it without updating otherwise.
>>
> Fixed in policycoreutils
> <https://admin.fedoraproject.org/updates/policycoreutils>-2.0.16-6.fc7
Thanks.
On an unrelated issue, where does the version number in the
selinux-policy package come from? Upstream seems to do date-based
releases rather than version number-based. I ask because I need to
update my policy module for mod_fcgid and I'll need different versions
for F7 (using patterns) and older releases (using create_file_perms etc.).
Paul.
More information about the fedora-selinux-list
mailing list