Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 119522 - "invalid context" for default "fixfiles relabel"
Summary: "invalid context" for default "fixfiles relabel"
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: policycoreutils
Version: rawhide
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks: 122683
TreeView+ depends on / blocked
 
Reported: 2004-03-31 02:24 UTC by John Reiser
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-02-09 18:55:23 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description John Reiser 2004-03-31 02:24:50 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040312

Description of problem:
Default install of FC2test2 (Software Development Workstation) would
not boot successfully with [default] SELINUX=enforcing in
/etc/sysconfig/selinux.  I changed to SELINUX=disabled, booted
successfully (including 'firstboot' one-time setup), up2date all
packages (except: esound, esound-devel, fedora-logos, gimp, gstreamer,
libdv; which give dependency errors), change back to
SELINUX=enforcing, and try to run "fixfiles relabel" before rebooting.
 This fails with multiple "invalid context" complaints.

Version-Release number of selected component (if applicable):
policycoreutils-1.9-16

How reproducible:
Didn't try

Steps to Reproduce:
1.Default install FC2test2 Software Development Workstation (sets
SELINUX=enforcing).  Pentium4, ASUS mobo, 2001 BIOS, ide disks, ide
DVD and CD-R, PS/2 keyboard, USB mouse [very "vanilla".]
2.Attempt to boot [fails with console spewing SELinux complaints.]
3.Set SELINUX=disabled, boot, up2date, set SELINUX=enforcing, run
"fixfiles relabel".
    

Actual Results:  /usr/sbin/setfiles:  read 1345 specifications
Cleaning out /tmp
/usr/sbin/setfiles:  invalid context system_u:object_r:default_t on
line number 39
/usr/sbin/setfiles:  invalid context system_u:object_r:root_t on line
number 44
/usr/sbin/setfiles:  invalid context system_u:object_r:home_root_t on
line number 53
/usr/sbin/setfiles:  invalid context system_u:object_r:home_root_t on
line number 54
/usr/sbin/setfiles:  invalid context system_u:object_r:user_home_dir_t
on line number 55
/usr/sbin/setfiles:  invalid context system_u:object_r:user_home_dir_t
on line number 56
/usr/sbin/setfiles:  invalid context system_u:object_r:user_home_t on
line number 57
/usr/sbin/setfiles:  invalid context system_u:object_r:user_home_t on
line number 58
/usr/sbin/setfiles:  invalid context system_u:object_r:mnt_t on line
number 62
/usr/sbin/setfiles:  invalid context system_u:object_r:var_t on line
number 67
Exiting after 10 errors.


Expected Results:  1. Successful boot after default install of
Software Development Workstation with SELINUX=enforcing on vanilla box.
2. Successful execution of "fixfiles relabel" in default install.

Additional info:
Comment 1 Daniel Walsh 2004-03-31 03:16:19 UTC 
You need to reload the policy before the fixfiles.  

/usr/sbin/load_policy /etc/security/selinux/policy.15

Or 

make -c /etc/security/selinux/src/policy load

RPM does not currently load the policy after install.

You do not need to disable selinux, you should be able to put it in
non-enforcing mode.
Comment 2 Daniel Walsh 2004-04-01 18:40:22 UTC 
Policy has been update to automatically load so this problem should go
away.  policy-1.9.2-1

Dan
Comment 3 Daniel Walsh 2005-02-09 18:55:23 UTC 
Fixed in current release
Note You need to log in before you can comment on or make changes to this bug.