[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-selinux-list
Subject:    Re: Today's rawhide update
From:       Daniel J Walsh <dwalsh () redhat ! com>
Date:       2007-07-23 13:23:16
Message-ID: 46A4ABC4.5020900 () redhat ! com
[Download RAW message or body]

Steve G wrote:
> > > libsemanage.semanage_commit_sandbox: Error while renaming
> > > /etc/selinux/targeted/modules/active to
> > > 
> /etc/selinux/targeted/modules/previous.
> 
> > > /usr/sbin/semanage: Could not add SELinux user guest_u
> > > libsemanage.semanage_commit_sandbox: Error while renaming
> > > /etc/selinux/targeted/modules/active to
> > > 
> /etc/selinux/targeted/modules/previous.
> 
> > > /usr/sbin/semanage: Could not add SELinux user xguest_u
> > > Cleanup   : policycoreutils              ####################### [16/22]
> > > 
> > Steve, why is this alarming? 
> > 
> 
> Cause it sounds like a user type was not successfully added to the on-disk
> policy. Running "semanage user -l" shows that neither guest_u or xguest_u exist.
> 
> 
> > I'm almost certain that I've seen this before on my own system. Should I be
> > concerned as well?
> > 
> 
> I think this indicates a problem with libsemanage or selinux policy. And by the
> terseness of the error messages, I wonder if there's enough information to
> diagnose *why* this failed. An errno might be useful here.
> 
> -Steve
> 
> 
> 
> ____________________________________________________________________________________
>  Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! \
> Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545469
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> 
The problem here is that a transition has failed and 
/etc/selinux/targeted has a mislabeled problem.
restorecon -R -v /etc/selinux/targeted should clean it up.

Not sure what caused it, although I have a theory that a transition on 
setsebool did not happen properly so the files
got mislabeled, during an rpm install.

restorecon -R -v /etc/selinux/targeted
should clean up the mislabeled directory

# semanage user -a -P guest -R guest_r guest_u
# semanage user -a -P xguest -R xguest_r xguest_u

Execute these commands to create the two new user types.





--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic