Strange, if selinux-policy-targeted is not installed SELinux is disabled.
On 04/09/2014 08:31 PM, Sean Darcy wrote:
On 04/09/2014 06:01 PM, Daniel J Walsh wrote:
> So this looks like selinux-policy-targeted got removed during the
> update?
>
> On 04/09/2014 04:21 PM, Sean Darcy wrote:
>> On 04/08/2014 11:54 AM, Daniel J Walsh wrote:
>>> This usually means there is no /etc/selinux/targeted/policy/policy.*
>>> file.
>>>
>>> If you run semodule -B Does one get created?
>>> On 04/08/2014 10:59 AM, Sean Darcy wrote:
>>>> Trying to upgrade F19 to F20 using fedup. On the upgrade reboot it
>>>> hangs:
>>>>
>>>> ............
>>>> Reached target Initrd Default Target
>>>> systemd-journal1d166]: Received SIGTERM
>>>> systemd[1]: Failed to initialize SELinux context: no such file or
>>>> directory
>>>>
>>>>
>>>> selinux is set to permissive. F19 works fine.
>>>>
>>>> I suppose I could set selinux=0 , but then none of the contexts would
>>>> be set. Correct?
>>>>
>>>> sean
>>>>
>>>>
>>>
>> No. There's no such file:
>> ls /etc/selinux/targeted
>> contexts modules seusers.rpmnew seusers.rpmsave
>>
>> But:
>>
>> semodule -B
>> libsemanage.semanage_link_sandbox: Could not access sandbox base file
>> /etc/selinux/targeted/modules/tmp/base.pp. (No such file or directory).
>> semodule: Failed!
>>
>> sean
>>
>
selinux-policy-targeted was never installed.
There a bugzilla entry on this:
https://bugzilla.redhat.com/show_bug.cgi?id=1044484
It seems fedup requires selinux-policy-targeted, even if the policy is
permissive. And better yet, fedup doesn't check to see if it's installed.
So the drill seems to be
1. install selinux-policy-targeted
2. reboot to change all the contexts
3. retry fedup.
It'll fail. I got about 600 dupes. And there's no log, so you won't
find out what's wrong.
fedup --clean
And try again.
Sigh.