Tuesday 11th July 2006
SELinux Policy Update
Got a message from cron this morning:
/etc/cron.daily/yum.cron: libsepol.scope_copy_callback: proftpd: Duplicate declaration in module: type/attribute ftpdctl_exec_t libsemanage.semanage_link_sandbox: Link packages failed semodule: Failed!
The reason for this was that my proftpd policy module is now included in the upstream and Fedora base policy, and the definition of the ftpdctl_exec_t type in the new base policy conflicts with the same definition in my local policy module. The solution is of course to unload my local policy module as it's no longer needed:
# semodule -r proftpd
However, that still left me with the old base policy loaded (since linking the new one with my local modules had failed at rpm upgrade time), so I also needed:
# semodule -b /usr/share/selinux/targeted/base.pp
This got me fully up to date.