I did a complete clean install of CentOS 5 from CD yesterday.
I took the default selinux configuration.
After that I ran yum update and found 600 plus updates and installs.
I let it go to do the updates and during that process I saw a large number of
issues in the selinux troubleshooter.
I also see these kinds of things in /var/log/messages:
**Unmatched Entries** (Only first 10 out of 49031 are printed)
audit: audit_backlog=262 > audit_backlog_limit=256
audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=256
audit: backlog limit exceeded
audit: audit_backlog=262 > audit_backlog_limit=256
audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=256
audit: backlog limit exceeded
.
.
.
This makes me wonder if I've now got a corrupt system because of partial
installs/upgrades on a number of packages ?
Do I need to start over with a clean install again, and how do I avoid this
problem the next time I try to run updates after the install?
thanks,
-chuck
--
ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph.
| and Integrated Interpretation | (713)993-0608 fax
633 1/2 W. 21st St.| Since 1992 | (713)306-5794 cell
Houston, TX, 77008 | Chuck Campbell | campbell at
accelinc.com
| President & Senior Geoscientist |
"Integration means more than having all the maps at the same
scale!"
Chuck Campbell wrote:> I did a complete clean install of CentOS 5 from CD yesterday. > I took the default selinux configuration. > > After that I ran yum update and found 600 plus updates and installs.That's a lot of updates. Do you really mean CentOS 5 rather than 5.2?> I let it go to do the updates and during that process I saw a large number of > issues in the selinux troubleshooter. > > I also see these kinds of things in /var/log/messages: > > **Unmatched Entries** (Only first 10 out of 49031 are printed) > audit: audit_backlog=262 > audit_backlog_limit=256 > audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=256 > audit: backlog limit exceeded > audit: audit_backlog=262 > audit_backlog_limit=256 > audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=256 > audit: backlog limit exceeded > . > . > . > > This makes me wonder if I've now got a corrupt system because of partial > installs/upgrades on a number of packages ? > > Do I need to start over with a clean install again, and how do I avoid this > problem the next time I try to run updates after the install?Could try putting selinux in permissive mode, or disabling, before updating - then restoring to the more secure level; however, that should not be necessary. Phil
Chuck Campbell wrote:> I did a complete clean install of CentOS 5 from CD yesterday.If you really updated from 5.0 to 5.2 ...> I took the default selinux configuratio > **Unmatched Entries** (Only first 10 out of 49031 are printed) > audit: audit_backlog=262 > audit_backlog_limit=256 > audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=256 > audit: backlog limit exceeded > audit: audit_backlog=262 > audit_backlog_limit=256 > audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=256 > audit: backlog limit exceeded... then please do a "touch /.autorelabel" and reboot - this will take some time, because SELinux will relabel your file system. Cheers, Ralph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 194 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20090305/8e45d898/attachment-0004.sig>
On Thu, Mar 5, 2009 at 3:09 AM, Chuck Campbell <campbell at accelinc.com> wrote:> Do I need to start over with a clean install again, and how do I avoid this > problem the next time I try to run updates after the install?Just my noob opinion, that if there's no practical and definitive benefit from enabling SELinux, for the time being until it is matured, the best thing to do is just set it to off. Otherwise, it just generally causes trouble and runs up tons of log as it is. I'd love to be enlightened on this though :)