F17-Selinux troubles after upgrading

Daniel J Walsh dwalsh at redhat.com
Wed May 2 20:24:47 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/02/2012 04:22 PM, Adam Williamson wrote:
> On Sat, 2012-04-28 at 20:30 +0100, Frank Murphy wrote:
>> On 28/04/12 20:26, antonio wrote:
>>> I upgraded from F-16 to F-17 Beta, then upgraded to find that I
>>> couldn't delete my own files!!! after disabling Selinux and enabling it
>>> again (i.e. relabeling) everything is o.k.Anybody experiencing it??
>> 
>> No, but it's good practice to do a relabel after an update. As policies
>> most likely have changed, even if subtly.
>> 
>> I'm surprised a full relabel wasn't done automatically.
> 
> Antonio doesn't really provide much detail on how exactly he upgraded. I 
> think anaconda-based upgrades do a relabel automatically, but obviously 
> upgrading via yum won't necessarily do so.

We have not done a full relabel on upgrade,since it could take potentially a
very long time.  We could just drop the /.autorelabel file in preupgrade which
would trigger the relabel.  I have not heard of other people having SELinux
labeling issues on upgrade, I wish we had the audit.log to see what the
problem was.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+hmA8ACgkQrlYvE4MpobMhBwCgy1Gnlk8daFJFr4o1rMv9Ohry
/VUAnjittDbJTycgRf3kKWDVmy5cpqRw
=wUlO
-----END PGP SIGNATURE-----


More information about the test mailing list