Fedora upgrade, got unbootable system
Oron Peled
oron at actcom.co.il
Thu Apr 19 00:25:42 IDT 2012
On Wednesday, 18 בApril 2012 17:26:35 Nadav Har'El wrote:
> On Wed, Apr 18, 2012, Dov Grobgeld wrote about "Re: Fedora upgrade,
> got unbootable system":
> > prompt> ssh dov at localhost
> > Last login: Wed Apr 18 17:16:28 2012 from localhost.localdomain
> > Could not chdir to home directory /home/dov: Permission denied
> > prompt> cd
> > prompt> pwd
> > /home/dov
> >
> > I.e. I initially get a permission denied, but when cd'ing it
> > doesn't affect me. Could it be a SELinux issue?
>
> Yes, maybe this will help:
> http://kangry.com/topics/viewcomment.php?index=18540
1. Indeed, the easiest way to check if it's SELinux problem is
to temporarily 'setenforce 0' and compare the behaviour with
the normal 'setenforce 1' behaviour.
2. The advice to manually 'chcon -t ....' is not very good:
- SELinux has a policy database that include a mapping from
paths (with regexes) to security labels
- You can view it with:
semanage fcontext -l
- You can apply it selectively to some paths via:
restorecon files/dirs....
or
restorecon -R files/dirs # recursive
- Or if you suspect your whole file system is inconsistent,
make it relabel the whole disk on the next boot (very-slow)
by:
touch /.autorelabel
- You after restorecon, the security label is still wrong, than
you can 'chcon' it as a workaround, and file a bug against
the SELinux policy (Fedora SELinux team is very responsive,
including on IRC)
Hope it helps,
--
Oron Peled Voice: +972-4-8228492
oron at actcom.co.il http://users.actcom.co.il/~oron
"UNIX was not designed to stop you from doing stupid things, because
that would also stop you from doing clever things."
--Doug Gwyn
More information about the Linux-il
mailing list