targeted policy relabels *everything*?
m.roth at 5-cent.us
m.roth at 5-cent.us
Wed Nov 26 18:53:50 UTC 2014
Tristan Santore wrote:
> On 26/11/14 18:44, m.roth at 5-cent.us wrote:
>> The admin I work with and I have been updated our CentOS servers to 6.6.
>> One server that's been running for years, with no issues (it is in
>> permissive, also), got updated...
>>
>> Nov 25 17:26:56 Updated: kexec-tools-2.0.0-280.el6.x86_64
>> <many, many, many lines of asterisks elided>
>> Nov 26 01:10:52 Updated: selinux-policy-targeted-3.7.19-260.el6.noarch
>> Nov 26 01:10:56 Updated: coolkey-1.1.0-32.el6.x86_64
>>
>> Yes, that *is* about 7.5 *hours* to install that policy. I can only
>> guess that for some reason, it decided to relabel the *ENTIRE* system.
>>
>> Anyone have any idea *why*?
> Any large SANs mounted ? Or other large data volumes ? Then it could
> take AGES!
>
Nope. A RAID 1 w/ 914G, 37% used. Don't tell me it tried to do any
NFS-mounted stuff, that I can't believe.
mark
More information about the selinux
mailing list