On Sun, Apr 25, 2010 at 06:35:57PM -0400, Steve Blackwell wrote:
On Sun, 25 Apr 2010 20:32:53 +0200
Dominick Grift <domg472(a)gmail.com> wrote:
> > >
> > > Please try to run fixfiles restore as root in permissive mode.
> >
> > The previous attempt was as root and in permissive mode. I tried
> > again:
> >
> > [root@steve ~]# id
> > uid=0(root) gid=0(root)
> > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> > context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> >
> > [root@steve ~]# sestatus
> > SELinux status: enabled
> > SELinuxfs mount: /selinux
> > Current mode: permissive
> > Mode from config file: disabled
> > Policy version: 24
> > Policy from config file: targeted
> >
> > [root@steve ~]# fixfiles
> > restore ********************/sbin/setfiles: unable to stat
> > file /home/steve/.gvfs: Permission denied
> > /sbin/setfiles: error while labeling /: Permission
> > denied
> > /sbin/setfiles: error while labeling /boot: Permission
> > denied
> > /sbin/setfiles: error while
> > labeling /media/blah-blah: Permission denied
>
> in /etc/selinux/config set "SELINUX=permissive"
>
> then do: touch /.autorelabel && reboot
>
OK, I did that and I still get these messages in /var/log/dmesg:
If relabeling succeeded these issues should be fixed now.
You can check by listing: "ls -alZ /etc/rc.d/init.d/mysqld"
if the type returned is mysqld_initrc_exec_t, then its fixed
if the type returned is unlabeled_t, then something went wrong.
SELinux: Context system_u:object_r:mysqld_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:fsdaemon_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:nscd_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:auditd_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:samba_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:rpcbind_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:dnsmasq_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:ntpd_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:automount_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:snmp_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:apcupsd_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:syslogd_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:bluetooth_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:squid_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:soundd_script_exec_t:s0 is not
valid (left unmapped).
SELinux: Context system_u:object_r:httpd_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:pppd_script_exec_t:s0 is not valid
(left unmapped).
SELinux: Context system_u:object_r:NetworkManager_script_exec_t:s0 is
not valid (left unmapped).
> once rebooted change SELINUX=permissive back to SELINUX=enforcing
> and setenforce 1
I have always been running in permissive mode because of the issues
I've benn experiencing but I'll try it and see how it goes.
Thanks,
Steve