Daniel J Walsh wrote:
On 11/26/2014 02:11 PM, m.roth(a)5-cent.us wrote:
> Tristan Santore wrote:
>> On 26/11/14 18:53, m.roth(a)5-cent.us wrote:
>>> Tristan Santore wrote:
>>>> On 26/11/14 18:44, m.roth(a)5-cent.us wrote:
>>>>> The admin I work with and I have been updated our CentOS servers to
>>>>> 6.6. One server that's been running for years, with no issues (it
>>>>> in permissive, also), got updated...
>>>>> Nov 25 17:26:56 Updated: kexec-tools-2.0.0-280.el6.x86_64
>>>>> <many, many, many lines of asterisks elided>
>>>>> Nov 26 01:10:52 Updated:
>>>>> Nov 26 01:10:56 Updated: coolkey-1.1.0-32.el6.x86_64
>>>>> Yes, that *is* about 7.5 *hours* to install that policy. I can only
>>>>> guess that for some reason, it decided to relabel the *ENTIRE*
>>> Nope. A RAID 1 w/ 914G, 37% used. Don't tell me it
tried to do any
>>> NFS-mounted stuff, that I can't believe.
I have no idea why it would have done this. There is an algorithm
does a diff between the previous file context and the new and then
relabels the difference.
That's more or less what I thought.
This could trigger a relabel of /usr or /var. The relabel should
figure out you are on a NFS share and bale out.
Are there lots of files on a file system other then an NFS share?
There are a fair number - find / | wc -l has been running for more than
five minutes now. One thing that is on this system are backups of /etc
from all 170+ servers and workstations, as well as of some home
But none of our other servers did that, and some include backup of home