FW: SELINUX update Issue F22

Devon Smith devo8604 at outlook.com
Tue Aug 25 18:34:59 UTC 2015 

So an individual was following https://bugzilla.redhat.com/show_bug.cgi?id=1253926 and wanted to download the latest patch from koji to upgrade his selinux policy manually. It looks like he downloaded rpm: selinux-policy-3.13.1-128.12.fc22.noarch.rpm and he said that on reboot, his system froze and stated that the selinux policy could not be loaded. I sent him an email asking him to grep the RPM db to see what selinux packages were installed (thinking that he forgot to download and install the selinux-policy-targeted package).
Below is what he sent back...it does not look like the targeted packages is installed on his system. Since I am at work, I do not have access to a F22 workstation to see what is installed by default. Any suggestions? 
Devon

Subject: Re: SELINUX Issue
From: avg1209 at zoho.com
To: devo8604 at outlook.com
Date: Tue, 25 Aug 2015 14:27:08 -0400

Hi Devon,
Here you are:
[ag at prhost1 ~]$ rpm -qa | grep selinux* libselinux-2.3-10.fc22.x86_64libselinux-python-2.3-10.fc22.x86_64selinux-policy-3.13.1-128.10.fc22.noarchselinux-policy-devel-3.13.1-128.10.fc22.noarchrpm-plugin-selinux-4.12.0.1-12.fc22.x86_64libselinux-utils-2.3-10.fc22.x86_64libselinux-2.3-10.fc22.i686
Here is what I did today:
- I downloaded and installed following RPM from http://koji.fedoraproject.org/koji/buildinfo?buildID=679465
		428500 Aug 25 10:58 selinux-policy-3.13.1-128.12.fc22.noarch.rpm
- rebooted and got the error "Failed to load SELinux policy, freezing"- set "selinux=0" kernel parameter and booted- downgraded: "dnf downgrade selinux-policy-3.13.1-128.10.fc22.noarch"
I am currently in this state. But it looks like at every boot it tries to relabel the whole system, it takes way too long and that is why I am still booting with "selinux=0" to be able to work.
Could you recommend how can I return to what I had before all my steps described above? I will rather wait for the official update of the selinux-policy package, which I guess will eb thoroughly tested.
Thank you,- Andrew
-----Original Message-----From: Devon Smith <devo8604 at outlook.com>To: avg1209 at zoho.com <avg1209 at zoho.com>Subject: SELINUX IssueDate: Tue, 25 Aug 2015 12:09:16 -0600



Andrew,      can you do me a favor and run:
rpm -qa | grep selinux* 
There should be at least two selinux policy rpms installed, selinux-policy and selinux-targeted? Did you download/install the updated rpm for both or just selinux-policy. That could cause some issues
Devon J. Smith 		 	   		   		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/test/attachments/20150825/3f35b47a/attachment.html>

More information about the test mailing list