gconf alert

Valent Turkovic valent.turkovic at gmail.com
Sun Apr 6 08:37:24 UTC 2008 

On Sat, Apr 5, 2008 at 9:21 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>  Hash: SHA1
>
>  Valent Turkovic wrote:
>  > On Sat, Mar 29, 2008 at 6:55 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>  >> -----BEGIN PGP SIGNED MESSAGE-----
>  >>  Hash: SHA1
>  >>
>  >>  Valent Turkovic wrote:
>  >>
>  >>> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis at redhat.com> wrote:
>  >>  >> Valent Turkovic wrote:
>  >>  >>  > I'm creating live cds under rawhide and I have selinux in permissive
>  >>  >>  > mode, could that be reason I'm seeing these hundreds of alerts?
>  >>  >>
>  >>  >>  https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
>  >>  >>
>  >>  >>  --
>  >>  >>  John Dennis <jdennis at redhat.com>
>  >>  >>
>  >>  >
>  >>  > Ok, I'm an idiot :) I got so much going on at once (work, moving to
>  >>  > new apartment, etc...) that I totally forgot I got this replied
>  >>  > already.
>  >>  >
>  >>  > But I want to keep in permissive an not enforcing mode so is just
>  >>  > "load_policy" enough ?
>  >>  >
>  >>  > Cheers,
>  >>  > Valent.
>  >>  >
>  >>  load_policy and you might need to kill any processes that are running as
>  >>  unlabeled_t.  Potentially you could have files that are mislabeled.
>  >
>  >
>  >
>  > I made several load_policy and relabels with reboot ans I still see
>  > these errors!
>  > Do you have any idea why?
>  >
>  > Cheers,
>  > Valent
>  > .
>  >
>  >
>  Do you have two policy files in /etc/selinux/targeted/policy?

# ls -al /etc/selinux/targeted/policy
total 4056
drwxr-xr-x 2 root root    4096 2008-04-03 23:05 .
drwxr-xr-x 5 root root    4096 2008-04-03 23:05 ..
-rw-r--r-- 1 root root 4128435 2008-04-03 23:05 policy.21

as you can see I have only on file in policy directory

>  If you do, remove the lower version and then execute load_policy,
>  Relabel the file in question and you should not have a problem.   If the
>  file is in /tmp you can remove it or set its label to tmp_t.

I'm going now to move all files from /tmp to another folder and then
if reboot succeeds I'll delete those files and see if I still see
selinux alerts.

So you haven't seen this kind of error? Nobody has reported anything similar?

Valent.

-- 
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

More information about the selinux mailing list