On 12/2/05, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > Gene C. wrote: > > On Friday 02 December 2005 14:20, Nicolas Mailhot wrote: > > > >> Le vendredi 02 décembre 2005 à 14:17 -0500, Stephen Smalley a écrit : > >> > >>> It isn't the number of nodes in /dev; it is the number of entries in > >>> file_contexts. And the slowdown should be improved/eliminated with > >>> recent changes in libselinux (1.27.28); let us know if it isn't. There > >>> are two changes in libselinux, one of which will have immediate benefit > >>> without requiring any changes to udev, and the other of which requires a > >>> small change to udev to take advantage of. > >>> > >> BTW today's rawhide segfaults on boot if run in enforcing mode > >> > >> checkpolicy-1.27.19-1 > >> selinux-policy-targeted-2.0.7-2 > >> audit-1.1.1-1 > >> audit-libs-1.1.1-1 > >> audit-libs-1.1.1-1 > >> libselinux-1.27.28-1 > >> libselinux-1.27.28-1 > >> libsepol-1.9.41-1 > >> libsepol-1.9.41-1 > >> libsemanage-1.3.61-1 > >> > >> Adding selinux=false to the boot arguments rescues the system > >> > > > > I also see a kernel panic after today's updates if selinux=enforcing > > > > Reboot selinux=false single > > and change to selinux=permissive gets things working again. > > > Yesterday's policy package wiped out the policy.20 file, on yum update. > We are no longer shipping policy.20 in the rpm, and the package post > install creates it. Problem is the previous version was shipped with > it and wipes it out on its post uninstall. Need to change the trigger > on policy package to recreate policy.20. > > selinux-policy-*-2.0.7-3 fixes the problem. It is up on my people site > ftp://people.redhat.com/dwalsh/SELinux/Fedora > > You can also do a > semoudle -B /usr/share/selinux/targeted/base.pp to recreate the > policy.20 file. > > Do not reboot until you fix this or else init will crash because you > have no policy. > > -- No joy? [root@tlondon Downloads]# rpm -Uvh selinux-policy-targeted-2.0.8-1.noarch.rpm Preparing... ########################################### [100%] 1:selinux-policy-targeted########################################### [100%] libsepol.sepol_genbools_array: boolean allow_write_xshm no longer in policy libsepol.sepol_genbools_array: boolean i18n_input_disable_trans no longer in policy libsepol.sepol_genbools_array: boolean mail_readhome no longer in policy libsepol.sepol_genbools_array: boolean mail_writehome no longer in policy libsepol.sepol_genbools_array: boolean pppd_for_user no longer in policy libsepol.sepol_genbools_array: boolean system_dbusd_disable_trans no longer in policy /usr/sbin/load_policy: Can't load policy: Invalid argument libsemanage.semanage_reload_policy: load_policy returned error code 2. libsepol.sepol_genbools_array: boolean allow_write_xshm no longer in policy libsepol.sepol_genbools_array: boolean i18n_input_disable_trans no longer in policy libsepol.sepol_genbools_array: boolean mail_readhome no longer in policy libsepol.sepol_genbools_array: boolean mail_writehome no longer in policy libsepol.sepol_genbools_array: boolean pppd_for_user no longer in policy libsepol.sepol_genbools_array: boolean system_dbusd_disable_trans no longer in policy /usr/sbin/load_policy: Can't load policy: Invalid argument libsemanage.semanage_reload_policy: load_policy returned error code 2. Failed! libsepol.sepol_genbools_array: boolean allow_write_xshm no longer in policy libsepol.sepol_genbools_array: boolean i18n_input_disable_trans no longer in policy libsepol.sepol_genbools_array: boolean mail_readhome no longer in policy libsepol.sepol_genbools_array: boolean mail_writehome no longer in policy libsepol.sepol_genbools_array: boolean pppd_for_user no longer in policy libsepol.sepol_genbools_array: boolean system_dbusd_disable_trans no longer in policy /usr/sbin/load_policy: Can't load policy: Invalid argument libsemanage.semanage_reload_policy: load_policy returned error code 2. libsepol.sepol_genbools_array: boolean allow_write_xshm no longer in policy libsepol.sepol_genbools_array: boolean i18n_input_disable_trans no longer in policy libsepol.sepol_genbools_array: boolean mail_readhome no longer in policy libsepol.sepol_genbools_array: boolean mail_writehome no longer in policy libsepol.sepol_genbools_array: boolean pppd_for_user no longer in policy libsepol.sepol_genbools_array: boolean system_dbusd_disable_trans no longer in policy /usr/sbin/load_policy: Can't load policy: Invalid argument libsemanage.semanage_reload_policy: load_policy returned error code 2. Failed! -- Tom London -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
