gconf alert
Daniel J Walsh
dwalsh at redhat.com
Thu Apr 10 20:08:17 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Valent Turkovic wrote:
> On Sun, Apr 6, 2008 at 10:37 AM, Valent Turkovic
> <valent.turkovic at gmail.com> wrote:
>> On Sat, Apr 5, 2008 at 9:21 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>> >
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > Valent Turkovic wrote:
>> > > On Sat, Mar 29, 2008 at 6:55 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
>> > >> -----BEGIN PGP SIGNED MESSAGE-----
>> > >> Hash: SHA1
>> > >>
>> > >> Valent Turkovic wrote:
>> > >>
>> > >>> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis at redhat.com> wrote:
>> > >> >> Valent Turkovic wrote:
>> > >> >> > I'm creating live cds under rawhide and I have selinux in permissive
>> > >> >> > mode, could that be reason I'm seeing these hundreds of alerts?
>> > >> >>
>> > >> >> https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
>> > >> >>
>> > >> >> --
>> > >> >> John Dennis <jdennis at redhat.com>
>> > >> >>
>> > >> >
>> > >> > Ok, I'm an idiot :) I got so much going on at once (work, moving to
>> > >> > new apartment, etc...) that I totally forgot I got this replied
>> > >> > already.
>> > >> >
>> > >> > But I want to keep in permissive an not enforcing mode so is just
>> > >> > "load_policy" enough ?
>> > >> >
>> > >> > Cheers,
>> > >> > Valent.
>> > >> >
>> > >> load_policy and you might need to kill any processes that are running as
>> > >> unlabeled_t. Potentially you could have files that are mislabeled.
>> > >
>> > >
>> > >
>> > > I made several load_policy and relabels with reboot ans I still see
>> > > these errors!
>> > > Do you have any idea why?
>> > >
>> > > Cheers,
>> > > Valent
>> > > .
>> > >
>> > >
>> > Do you have two policy files in /etc/selinux/targeted/policy?
>>
>> # ls -al /etc/selinux/targeted/policy
>> total 4056
>> drwxr-xr-x 2 root root 4096 2008-04-03 23:05 .
>> drwxr-xr-x 5 root root 4096 2008-04-03 23:05 ..
>> -rw-r--r-- 1 root root 4128435 2008-04-03 23:05 policy.21
>>
>> as you can see I have only on file in policy directory
>>
>>
>> > If you do, remove the lower version and then execute load_policy,
>> > Relabel the file in question and you should not have a problem. If the
>> > file is in /tmp you can remove it or set its label to tmp_t.
>>
>> I'm going now to move all files from /tmp to another folder and then
>> if reboot succeeds I'll delete those files and see if I still see
>> selinux alerts.
>>
>> So you haven't seen this kind of error? Nobody has reported anything similar?
>>
>>
>>
>> Valent.
>>
>> --
>> http://kernelreloaded.blog385.com/
>> linux, blog, anime, spirituality, windsurf, wireless
>> registered as user #367004 with the Linux Counter, http://counter.li.org.
>> ICQ: 2125241, Skype: valent.turkovic
>>
>
>
> Even after deleting all files in /tmp folder I still see these two
> alerts (in attachemen).
>
> I investigated alert about saved_state.tmp file and with locate file
> command I found this:
> /home/valentt/.gconfd/saved_state
>
> does that give you any more clues why I'm seeing these alerts? I'm now
> in Fedora 8 not in Rawhide but in Rawhide I see same alerts.
>
> Is it possible that livecd-creator does some things and breaks selinux
> in some way that you still aren't aware of?
>
> Valent.
>
>
You should run restorecon on your homedir. restorecon -R -v ~/
The loading of a different policy will invalidate file context on disk
that the new policy does not understand. But reloading the original
policy should change the context badk to something that is understood.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkf+c7EACgkQrlYvE4MpobMgWwCffNmGfQExWCWIps7jHy5a1QeJ
Cg0An0dGx1WckFnRoAdp/ZuFpTQEiLqo
=6uxi
-----END PGP SIGNATURE-----
More information about the selinux
mailing list