On 9/13/05, Stephen Smalley <sds(a)tycho.nsa.gov> wrote:
On Tue, 2005-09-13 at 11:19 -0700, Tom London wrote:
> Will backing out the latest libselinux fix? (the only way I could get
> 'up and running' was to boot with 'selinux=0').
It should. I booted single-user with enforcing=0 and then installed the
upstream libselinux 1.26 from our cvs, and it worked fine. Fedora CVS
tree has a patch that affects getting the policy type (which seems to be
broken, as it always returning targeted even when /etc/selinux/config
says strict) and that calls the new libsetrans (which is likely breaking
the context validation).
I did 'rpm -Uvh --oldpackage libselinux*-1.25.7-1*' and rebooted.
This appears to 'repair': all appears healthy.
Two comments:
1. During reboot, system detected need to relabel 'automagically'.
Relabel completed smoothly and system booted normally.
2. This is the first relabel I have had to do in many, many, many
months. Allow me to present well deserved kudos to the Selinux/FC
team.
Notably impressed,
tom
--
Tom London