Here is a error from updating the sysklogd package that appearently comes from some file context problem. The last line about the post script failing has to do with being in enforcing mode but the catch-22 is that the avc denied messages are incomplete which is the reason I am replacing the sysklogd package in the first place. The partial avc denied messages are further below. When doing the same rpm command in permissive mode, the context error is still produce but the post script runs. HTH Richard Hally
--------------------------------------shell messages------------------------------------------------------------ [root@new2 richard]# rpm -U --oldpackage sysklogd-1.4.1-16.i386.rpm ERROR: Multiple different specifications for /usr/sbin/imapd (system_u:object_r:imapd_exec_t and system_u:object_r:inetd_child_exec_t). warning: sysklogd-1.4.1-16.i386.rpm: V3 DSA signature: NOKEY, key ID 4f2a6fd2 error: %post(sysklogd-1.4.1-16) scriptlet failed, exit status 255 [root@new2 richard]# setenforce 0
----------------------------var log messages--------------------------------------------------------------------- Jun 13 02:34:31 new2 last message repeated 3 times Jun 13 02:34:31 new2 exiting on signal 15 Jun 13 02:34:31 new2 syslogd 1.4.1: restart. Jun 13 02:34:31 new2 syslog: syslogd startup succeeded Jun 13 02:34:31 new2 kernel: klogd 1.4.1, log source = /proc/kmsg started. Jun 13 02:34:31 new2 kernel:
audit(1087108471.340:0): avc: denied { getattr } for pid=1 exe=/sbin/init Jun 13 02:34:31 new2 kernel:
audit(1087108471.340:0): avc: denied { read write } for pid=1 exe=/sbin/init Jun 13 02:34:31 new2 syslog: klogd startup succeeded Jun 13 02:34:31 new2 syslog: syslogd shutdown succeeded
On Sun, 13 Jun 2004 16:55, Richard Hally rhallyx@mindspring.com wrote:
ERROR: Multiple different specifications for /usr/sbin/imapd
Remove the imapd entry from rpm.fc and do "make file_contexts/file_contexts" in the policy source directory. Maybe remove the entries for POP servers at the same time.
Those entries in rpm.fc will only work for the targetted policy.
audit(1087108471.340:0): avc: denied { getattr } for
pid=1 exe=/sbin/init Jun 13 02:34:31 new2 kernel:
This is a kernel bug. James, any ideas?
selinux@lists.fedoraproject.org