Re: gconf alert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Valent Turkovic wrote:
> On Sun, Apr 6, 2008 at 10:37 AM, Valent Turkovic
> <valent.turkovic@xxxxxxxxx> wrote:
>> On Sat, Apr 5, 2008 at 9:21 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
>>  >
>>  > -----BEGIN PGP SIGNED MESSAGE-----
>>  >  Hash: SHA1
>>  >
>>  >  Valent Turkovic wrote:
>>  >  > On Sat, Mar 29, 2008 at 6:55 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
>>  >  >> -----BEGIN PGP SIGNED MESSAGE-----
>>  >  >>  Hash: SHA1
>>  >  >>
>>  >  >>  Valent Turkovic wrote:
>>  >  >>
>>  >  >>> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis@xxxxxxxxxx> wrote:
>>  >  >>  >> Valent Turkovic wrote:
>>  >  >>  >>  > I'm creating live cds under rawhide and I have selinux in permissive
>>  >  >>  >>  > mode, could that be reason I'm seeing these hundreds of alerts?
>>  >  >>  >>
>>  >  >>  >>  https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
>>  >  >>  >>
>>  >  >>  >>  --
>>  >  >>  >>  John Dennis <jdennis@xxxxxxxxxx>
>>  >  >>  >>
>>  >  >>  >
>>  >  >>  > Ok, I'm an idiot :) I got so much going on at once (work, moving to
>>  >  >>  > new apartment, etc...) that I totally forgot I got this replied
>>  >  >>  > already.
>>  >  >>  >
>>  >  >>  > But I want to keep in permissive an not enforcing mode so is just
>>  >  >>  > "load_policy" enough ?
>>  >  >>  >
>>  >  >>  > Cheers,
>>  >  >>  > Valent.
>>  >  >>  >
>>  >  >>  load_policy and you might need to kill any processes that are running as
>>  >  >>  unlabeled_t.  Potentially you could have files that are mislabeled.
>>  >  >
>>  >  >
>>  >  >
>>  >  > I made several load_policy and relabels with reboot ans I still see
>>  >  > these errors!
>>  >  > Do you have any idea why?
>>  >  >
>>  >  > Cheers,
>>  >  > Valent
>>  >  > .
>>  >  >
>>  >  >
>>  >  Do you have two policy files in /etc/selinux/targeted/policy?
>>
>>  # ls -al /etc/selinux/targeted/policy
>>  total 4056
>>  drwxr-xr-x 2 root root    4096 2008-04-03 23:05 .
>>  drwxr-xr-x 5 root root    4096 2008-04-03 23:05 ..
>>  -rw-r--r-- 1 root root 4128435 2008-04-03 23:05 policy.21
>>
>>  as you can see I have only on file in policy directory
>>
>>
>>  >  If you do, remove the lower version and then execute load_policy,
>>  >  Relabel the file in question and you should not have a problem.   If the
>>  >  file is in /tmp you can remove it or set its label to tmp_t.
>>
>>  I'm going now to move all files from /tmp to another folder and then
>>  if reboot succeeds I'll delete those files and see if I still see
>>  selinux alerts.
>>
>>  So you haven't seen this kind of error? Nobody has reported anything similar?
>>
>>
>>
>>  Valent.
>>
>>  --
>>  http://kernelreloaded.blog385.com/
>>  linux, blog, anime, spirituality, windsurf, wireless
>>  registered as user #367004 with the Linux Counter, http://counter.li.org.
>>  ICQ: 2125241, Skype: valent.turkovic
>>
> 
> 
> Even after deleting all files in /tmp folder I still see these two
> alerts (in attachemen).
> 
> I investigated alert about saved_state.tmp file and with locate file
> command I found this:
> /home/valentt/.gconfd/saved_state
> 
> does that give you any more clues why I'm seeing these alerts? I'm now
> in Fedora 8 not in Rawhide but in Rawhide I see same alerts.
> 
> Is it possible that livecd-creator does some things and breaks selinux
> in some way that you still aren't aware of?
> 
> Valent.
> 
> 
You should run restorecon on your homedir.  restorecon -R -v ~/


The loading of a different policy will invalidate file context on disk
that the new policy does not understand.  But reloading the original
policy should change the context badk to something that is understood.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkf+c7EACgkQrlYvE4MpobMgWwCffNmGfQExWCWIps7jHy5a1QeJ
Cg0An0dGx1WckFnRoAdp/ZuFpTQEiLqo
=6uxi
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux