diff options
author | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-10 20:22:27 +0200 |
---|---|---|
committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-10 20:22:27 +0200 |
commit | 2edf36cf8da16833111fdf7f7f46fa7169bc0e7f (patch) | |
tree | ca8fef43cf5f15ed5df7075656f5d853e7093f4c | |
parent | Fix bug #411005 - Have the user manually install python-2 (diff) | |
download | hardened-docs-2edf36cf8da16833111fdf7f7f46fa7169bc0e7f.tar.gz hardened-docs-2edf36cf8da16833111fdf7f7f46fa7169bc0e7f.tar.bz2 hardened-docs-2edf36cf8da16833111fdf7f7f46fa7169bc0e7f.zip |
Fix bug #411377 - Additional details on working out corrupted policy store
-rw-r--r-- | xml/selinux/hb-using-troubleshoot.xml | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/xml/selinux/hb-using-troubleshoot.xml b/xml/selinux/hb-using-troubleshoot.xml index 6a7d2dd..fc0323d 100644 --- a/xml/selinux/hb-using-troubleshoot.xml +++ b/xml/selinux/hb-using-troubleshoot.xml @@ -7,8 +7,8 @@ <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/selinux/hb-appendix-troubleshoot.xml,v 1.2 2011/04/25 20:12:59 zorry Exp $ --> <sections> -<version>1</version> -<date>2011-12-11</date> +<version>2</version> +<date>2012-04-10</date> <section> <title>Unable To Load SELinux Policy</title> @@ -111,6 +111,36 @@ points to a <path>selinux/v2refpolicy/...</path> profile. </body> </subsection> +<subsection> +<title>Policy Store is Corrupt</title> +<body> + +<p> +If you encounter problems during boot-up or <c>semodule</c> operations which +fail with loading problems, but cannot be resolved with the above solution, then +you might need to reinstall the policies after eliminating the corrupt store. +</p> + +<pre caption="Recovering from store corruption"> +~# <i>semodule -n -B</i> +libsemanage.semanage_load_module: Error while reading from module file +/etc/selinux/targeted/modules/tmp/base.pp. (No such file or directory) + +~# <i>setenforce 0</i> +~# <i>mv /etc/selinux/targeted /etc/selinux/targeted.old</i> +~# <i>FEATURES="-selinux" emerge -1av $(qlist -IC sec-policy)</i> +~# <i>restorecon -R /etc/selinux</i> +</pre> + +<p> +This will effectively disable the current, corrupted SELinux policy store and +then use Portage to reinstall all SELinux policy packages that are installed on +the system. When done, the file contexts of <path>/etc/selinux</path> are +restored, after which you should be able to continue. +</p> + +</body> +</subsection> </section> <section> |