On 12/15/12 12:30, Sven Vermeulen wrote: > On Fri, Dec 14, 2012 at 09:34:49AM +0200, Cor Legemaat wrote: >> On my system with the last update I receive a warning message of: >> >> * SELinux module load failed. Trying full reload... >> * Failed to reload SELinux policies. >> * >> * If this is *not* the last SELinux module package being installed, >> * then you can safely ignore this as the reloads will be retried >> * with other, recent modules. >> * >> * If it is the last SELinux module package being installed however, >> * then it is advised to look at the error above and take appropriate >> * action since the new SELinux policies are not loaded until the >> * command finished succesfully. >> * >> * To reload, run the following command from within >> /usr/share/selinux/targeted: >> * semodule -b base.pp -i $(ls *.pp | grep -v base.pp) >> * or >> * semodule -b base.pp -i $(ls *.pp | grep -v base.pp | grep -v >> unconfined.pp) >> * depending on if you need the unconfined domain loaded as well or not. >> >> When I tried to execute the cmd manual: >> >> k53s cor # cd /usr/share/selinux/targeted/ >> k53s targeted # semodule -b base.pp -i $(ls *.pp | grep -v base.pp) >> libsepol.permission_copy_callback: Module mysql depends on permission >> epollwakeup in class capability2, not satisfied (No such file or directory). >> libsemanage.semanage_link_sandbox: Link packages failed (No such file or >> directory). >> semodule: Failed! > What kernel version are you running? > > What does "ls /sys/fs/selinux/class/capability2/perms/" give back? > > There was a small window where the block_suspend capability was called > epollwakeup, but that was resolved in July this year... > > Also check if selinux-mysql is (still) installed on your system (or needed), > perhaps the mysql.pp file is outdated. The command "ls -ltr > /usr/share/selinux/strict/" should show that most/all modules are built > fairly close to each other. > > Wkr, > Sven Vermeulen > > Hi:
kernel = linux-3.5.4-hardened-r1 k53s cor # ls /sys/fs/selinux/class/capability2/perms/ epollwakeup mac_admin mac_override syslog wake_alarm k53s cor # ls -ltr /usr/share/selinux/targeted/ show the time difference within 21 seconds but mysql.pp is not there. mysql.pp is in "/etc/selinux/targeted/modules/active/modules/", don't know why an uninstall didn't remove it, can I just delete the file? mysql nor selinux-mysql is installed. Regards: Cor
signature.asc
Description: OpenPGP digital signature
