-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Valent Turkovic wrote: > On Sun, Apr 6, 2008 at 10:37 AM, Valent Turkovic > <valent.turkovic@xxxxxxxxx> wrote: >> On Sat, Apr 5, 2008 at 9:21 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: >> > >> > -----BEGIN PGP SIGNED MESSAGE----- >> > Hash: SHA1 >> > >> > Valent Turkovic wrote: >> > > On Sat, Mar 29, 2008 at 6:55 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: >> > >> -----BEGIN PGP SIGNED MESSAGE----- >> > >> Hash: SHA1 >> > >> >> > >> Valent Turkovic wrote: >> > >> >> > >>> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis@xxxxxxxxxx> wrote: >> > >> >> Valent Turkovic wrote: >> > >> >> > I'm creating live cds under rawhide and I have selinux in permissive >> > >> >> > mode, could that be reason I'm seeing these hundreds of alerts? >> > >> >> >> > >> >> https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html >> > >> >> >> > >> >> -- >> > >> >> John Dennis <jdennis@xxxxxxxxxx> >> > >> >> >> > >> > >> > >> > Ok, I'm an idiot :) I got so much going on at once (work, moving to >> > >> > new apartment, etc...) that I totally forgot I got this replied >> > >> > already. >> > >> > >> > >> > But I want to keep in permissive an not enforcing mode so is just >> > >> > "load_policy" enough ? >> > >> > >> > >> > Cheers, >> > >> > Valent. >> > >> > >> > >> load_policy and you might need to kill any processes that are running as >> > >> unlabeled_t. Potentially you could have files that are mislabeled. >> > > >> > > >> > > >> > > I made several load_policy and relabels with reboot ans I still see >> > > these errors! >> > > Do you have any idea why? >> > > >> > > Cheers, >> > > Valent >> > > . >> > > >> > > >> > Do you have two policy files in /etc/selinux/targeted/policy? >> >> # ls -al /etc/selinux/targeted/policy >> total 4056 >> drwxr-xr-x 2 root root 4096 2008-04-03 23:05 . >> drwxr-xr-x 5 root root 4096 2008-04-03 23:05 .. >> -rw-r--r-- 1 root root 4128435 2008-04-03 23:05 policy.21 >> >> as you can see I have only on file in policy directory >> >> >> > If you do, remove the lower version and then execute load_policy, >> > Relabel the file in question and you should not have a problem. If the >> > file is in /tmp you can remove it or set its label to tmp_t. >> >> I'm going now to move all files from /tmp to another folder and then >> if reboot succeeds I'll delete those files and see if I still see >> selinux alerts. >> >> So you haven't seen this kind of error? Nobody has reported anything similar? >> >> >> >> Valent. >> >> -- >> http://kernelreloaded.blog385.com/ >> linux, blog, anime, spirituality, windsurf, wireless >> registered as user #367004 with the Linux Counter, http://counter.li.org. >> ICQ: 2125241, Skype: valent.turkovic >> > > > Even after deleting all files in /tmp folder I still see these two > alerts (in attachemen). > > I investigated alert about saved_state.tmp file and with locate file > command I found this: > /home/valentt/.gconfd/saved_state > > does that give you any more clues why I'm seeing these alerts? I'm now > in Fedora 8 not in Rawhide but in Rawhide I see same alerts. > > Is it possible that livecd-creator does some things and breaks selinux > in some way that you still aren't aware of? > > Valent. > > You should run restorecon on your homedir. restorecon -R -v ~/ The loading of a different policy will invalidate file context on disk that the new policy does not understand. But reloading the original policy should change the context badk to something that is understood. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkf+c7EACgkQrlYvE4MpobMgWwCffNmGfQExWCWIps7jHy5a1QeJ Cg0An0dGx1WckFnRoAdp/ZuFpTQEiLqo =6uxi -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
