On 12/07/2015 01:39 PM, Paolo Galtieri wrote:
Somehow my SElinux config has gotten messed up. When I try to install a module I get the following error: libsepol.context_from_record: type httpd_prewikka_rw_content_t is not defined (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsemanage.validate_handler: invalid context system_u:object_r:httpd_prewikka_rw_content_t:s0 specified for /usr/share/prewikka/htdocs/generated_images [all files] (Invalid argument). libsemanage.dbase_llist_iterate: could not iterate over records (Invalid argument). semodule: Failed! The httpd_prewikka_rw_content_t does not exist. The directory does exist, but it doesn't matter whether the directory exists or not I still get the error. The problem entry is in /etc/selinux/targeted/contexts/files/file_contexts.local:/usr/share/prewikka/htdocs/generated_images system_u:object_r:httpd_prewikka_rw_content_t:s0 I have tried using the various selinux tools to correct the problem without success. My questions are: 1) Can I manually edit the file_contexts.local file and remove the problem entry? 2) Is this sufficient? 3) Do I need to run anything after I remove the entry to get SElinux to work correctly? Here is al ls -l of /etc/selinux/targeted/contexts/files/ -rw-r--r--. 1 root root 369806 Nov 20 04:44 file_contexts -rw-r--r--. 1 root root 1379785 Aug 22 18:55 file_contexts.bin -rw-r--r--. 1 root root 13169 Nov 20 04:44 file_contexts.homedirs -rw-r--r--. 1 root root 45743 Aug 22 18:55 file_contexts.homedirs.bin -rw-r--r--. 1 root root 1092 Oct 22 18:14 file_contexts.local -rw-r--r--. 1 root root 3936 Aug 22 18:55 file_contexts.local.bin -rw-r--r--. 1 root root 0 Nov 20 04:43 file_contexts.subs -rw-r--r--. 1 root root 474 Nov 20 04:43 file_contexts.subs_dist -rw-r--r--. 1 root root 139 Nov 20 04:43 media How are the .bin files generated? Any assistance is greatly appreciated.
I would try to reinstall your selinux-policy and selinux-policy-targeted RPMs first: sudo dnf reinstall selinux-policy selinux-policy-targeted Then relabel your filesystem by doing: sudo touch /.autorelabel sudo reboot You might need to "sudo setenforce 0" to put selinux in permissive mode before the first command. Depends on how screwed up selinux is at this point. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - "And on the seventh day, He exited from append mode." - ---------------------------------------------------------------------- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
