On Thu, Nov 13, 2008 at 10:51 PM, shrek-m gmx.de <[EMAIL PROTECTED]> wrote:
> Tom Sightler schrieb: > > Over the last few weeks we have been in the process of moving all of > > our RHEL5 systems from 5.1 to 5.2. Most of these upgrades have gone > > very well, however, we have 4 or 5 systems which have spontaneously > > "re-enabled" SELinux as part of the upgrade. It appears that the > > upgrade process is silently replacing the /etc/selinux/config file, > > which we had modified to set SELINUX=disabled, with the default file > > which has SELINUX=enforcing. > > > > On reboot the systems fail to boot with various SELinux errors and a > > warning that the file system needs to be relabled and the system is > > rebooting. Without manual intervention it is stuck in this loop. We > > can recover by adding "enforcing=0" to the kernel boot line and either > > changing the file back to SELINUX=disabled or, if we decide to give > > SElinux another spin, relabeling the filesystem, but I'm curious if > > anyone else has seen this issue. > > > > We have a mix of systems and about half have SELinux enabled, and the > > other half do not, but this issue has only affected a handful of the > > systems where SELinux is currently disabled. Several other systems > > with SELinux disabled upgraded without any issues. The upgrades were > > performed with a simple "yum update" not a CD/DVD upgrade. > > > > Obviously we can recover from this issue without a major problem, but > > I'm curious if others have seen it because we simply can't explain why > > it seems to happen "randomly" rather than on every system that has > > SELinux disabled. We think it may be on systems that were previously > > upgraded from RHEL4 where we always disabled SELinux. We're really > > just trying to find a pattern and determine if it's worth opening a > > case with Redhat. > > > > Later, > > Tom > > the same happened here in october. > > clean fresh 5.0, not registered, only for testing, no updates for > several months, no problems, selinux=disabled > rhn_register ; yum update -> 5.2, oops, selinux=enforcing > > thanks at redhat for the extra time to solve the problems via ssh :( it cant be that hard to figure out, a quick look at the logs would show all sorts of AVC messages
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
