On 11/25/2016 01:28 PM, Sam Varshavchik wrote: > Patrick O'Callaghan writes: > >> On Fri, 2016-11-25 at 11:08 -0500, Sam Varshavchik wrote: >> > Wondering if all upgrades with selinux enabled are broken, or just >> something >> > with this particular laptop. This doesn't look like a system-specific >> > failure to me, but if all upgrades with enforcing selinux blow up >> like this, >> > I would've expected a lot of noise in here, by now… More details in >> bug >> > 1398696. >> >> My system has been enforcing for at least the last 5 versions (possibly >> more), and I had no problem with this. > > What output do you get from: > > ls -alZd /var/lib/dnf/system-upgrade > > On the one with the problem I get: > > drwxr-xr-x. 2 root root unconfined_u:object_r:user_tmp_t:s0 233472 Nov > 25 10:31 /var/lib/dnf/system-upgrade > user_tmp_t means that it was created by a user process in a /tmp or /var/tmp and then mv'd to /var/lib/dnf.
> Now, another one of my laptops shows: > > drwxr-xr-x. 2 root root unconfined_u:object_r:rpm_var_lib_t:s0 221184 > Nov 23 16:09 system-upgrade > > However that laptop was already running in permissive mode. Still, > according to rpm: > > file /var/lib/dnf/system-upgrade is not owned by any package > > After rmdir-ing and mkdir-ing /var/lib/dnf/system-upgrade its selinux > context is changed to unconfined_u:object_r:rpm_var_lib_t:s0, so I > think that's where the problem was. Unclear how the former selinux > context was what it was. > Just running restorecon -R -v /var/lib/dnf Would have fixed the problem. > > > _______________________________________________ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org
