On 05/12/2015 02:56 PM, Stephen Smalley wrote: > BTW, in trying to test these scenarios, I did a yum remove > selinux-policy-targeted at one point and was surprised to find that I > couldn't subsequently do a yum install selinux-policy-targeted. It > would always fail. Ultimately I found that if I created an empty > /etc/selinux/targeted/contexts/files/file_contexts file and then tried > installing it, it would work. So I guess rpm -i fails if there is no > file_contexts file? That doesn't seem right. > That's correct. rpm does a verification of a transaction and one of the steps is to check files labels. It uses selinux_file_context_path() to get a file path and if it can't open this file, it fails as it can't confirm whether contexts are ok or not. Empty file_contexts file means that there's no conflict. If you want to skip this check, you can use: rpm -i --nocontexts ... or yum install --setopt=tsflags=nocontexts or just reboot and install selinux-policy-targeted with disabled SELinux. Petr -- Petr Lautrbach
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
