F17-Selinux troubles after upgrading
Daniel J Walsh
dwalsh at redhat.com
Wed May 2 20:54:21 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/02/2012 04:35 PM, antonio montagnani wrote:
> Il 02/05/2012 22:24, Daniel J Walsh ha scritto: On 05/02/2012 04:22 PM,
> Adam Williamson wrote:
>>>> On Sat, 2012-04-28 at 20:30 +0100, Frank Murphy wrote:
>>>>> On 28/04/12 20:26, antonio wrote:
>>>>>> I upgraded from F-16 to F-17 Beta, then upgraded to find that I
>>>>>> couldn't delete my own files!!! after disabling Selinux and
>>>>>> enabling it again (i.e. relabeling) everything is o.k.Anybody
>>>>>> experiencing it??
>>>>>
>>>>> No, but it's good practice to do a relabel after an update. As
>>>>> policies most likely have changed, even if subtly.
>>>>>
>>>>> I'm surprised a full relabel wasn't done automatically.
>>>>
>>>> Antonio doesn't really provide much detail on how exactly he
>>>> upgraded. I think anaconda-based upgrades do a relabel automatically,
>>>> but obviously upgrading via yum won't necessarily do so.
>
> We have not done a full relabel on upgrade,since it could take potentially
> a very long time. We could just drop the /.autorelabel file in preupgrade
> which would trigger the relabel. I have not heard of other people having
> SELinux labeling issues on upgrade, I wish we had the audit.log to see what
> the problem was. Dan,
>
> where do I find the audit.log file???
>
> Tnx
>
/var/log/audit/audit.log
ausearch -m avc
Will extract the parts I care about
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+hnv0ACgkQrlYvE4MpobNQAwCcDXO81RqSGRnrmloonTDc4Yxz
my8AoNUYPshpqgTcYhcotVi4I3w1XGxJ
=mrUV
-----END PGP SIGNATURE-----
More information about the test
mailing list