selinux-policy-targeted update is dangerous

Arthur Pemberton dalive at flashmail.com
Tue Jun 28 04:36:24 UTC 2005


D. D. Brierton wrote:

>On Mon, 2005-06-27 at 23:17 -0400, Erik Hemdal wrote:
>
>  
>
>>I _did_ however encounter the "syntax errors" in a few processes before 
>>taking the .13 update; in fact I was looking for this update to be the 
>>one that fixed the prior errors (no joy there).  So if something went 
>>awry, it might have been coming for a little while before the latest update.
>>    
>>
>
>The syntax errors were these?
>
>invalid context system_u:object_r:crypt_device_t on line number 287
>invalid context system_u:object_r:system_dbusd_var_run_t on line number 888
>
>This bug report seems to cover that:
>
>https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160804
>
>In my case removing selinux-policy-targeted and selinux-policy-targeted-
>sources and rm -fR /etc/selinux/targeted and then re-installing the
>1.17.30-3.9 versions of those packages got rid of the problem. It seems
>that some files in the newer package weren't replacing the ones in the
>older package because of some date problems.
>
>  
>
>>The reinstallation and /.autorelabel fix posted earlier fixed everything 
>>for me.  Now I can also see that the 1.17.30.3-9 version is available 
>>via the RHN Alert Notification tool.  Someone worked fast!
>>    
>>
>
>No, the problems are with the 1.17.30-3.13 versions which are newer than
>1.17.30-3.9. You (or yum or up2date) are just checking a mirror which
>hasn't synced yet. The 1.17.30-3.13 versions will no doubt show up soon
>and that will cause you problems. Updating from an older version to
>1.17.30-3.9 will bring back the "invalid context" errors. Your best bet
>right now is to do a clean install of the 1.17.30-3.9 versions of the
>packages in question.
>
>  
>
>>Appreciate the quick response, albeit perhaps not quick enough for 
>>everyone.  Erik
>>    
>>
>
>Actually there has been no official response on bugzilla regarding the
>problem at hand.
>
>  
>
That's what I thought. I must say however, I encountered these problems 
on an FC3 machine. My FC4 desktop seems to be working just fine.

>Best, Darren
>
>  
>




More information about the users mailing list