[CentOS] Centos 5.x SElinux issues

Wed Mar 4 21:06:53 UTC 2009
Phil Schaffner <Philip.R.Schaffner at NASA.gov>

Chuck Campbell wrote:
> I did a complete clean install of CentOS 5 from CD yesterday.
> I took the default selinux configuration.
> 
> After that I ran yum update and found 600 plus updates and installs.

That's a lot of updates.  Do you really mean CentOS 5 rather than 5.2?

> I let it go to do the updates and during that process I saw a large number of 
> issues in the selinux troubleshooter.
> 
> I also see these kinds of things in /var/log/messages:
> 
> **Unmatched Entries** (Only first 10 out of 49031 are printed)
>   audit: audit_backlog=262 > audit_backlog_limit=256
>   audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=256
>   audit: backlog limit exceeded
>   audit: audit_backlog=262 > audit_backlog_limit=256
>   audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=256
>   audit: backlog limit exceeded
> .
> .
> .
> 
> This makes me wonder if I've now got a corrupt system because of partial
> installs/upgrades on a number of packages?
> 
> Do I need to start over with a clean install again, and how do I avoid this
> problem the next time I try to run updates after the install?

Could try putting selinux in permissive mode, or disabling, before 
updating - then restoring to the more secure level; however, that should 
not be necessary.

Phil
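
The temporary permissive-mode approach suggested in the reply above, as an added example that is not part of the original message: it switches to permissive only if the system is currently enforcing, runs the update, and always restores and verifies enforcing mode afterwards, even when the update fails. The `GETENFORCE`, `SETENFORCE` and `UPDATE_CMD` variables, the `--run` argument and the function name are assumptions of this example; the "disabling" alternative is not covered.

```shell
#!/bin/sh
# Added example (not from the original thread). The command names are held in
# overridable variables, an assumption of this example, so the logic can be
# exercised without root.
GETENFORCE="${GETENFORCE:-getenforce}"
SETENFORCE="${SETENFORCE:-setenforce}"
UPDATE_CMD="${UPDATE_CMD:-yum -y update}"

update_in_permissive() {
    # Record the starting mode so we only restore what we changed.
    uip_orig="$($GETENFORCE)" || { echo "cannot read SELinux mode" >&2; return 2; }

    case "$uip_orig" in
        Enforcing)
            # Put enforcing back even if the update is interrupted.
            trap '$SETENFORCE 1' INT TERM
            # setenforce changes the running mode only; /etc/selinux/config is untouched.
            $SETENFORCE 0 || { trap - INT TERM; echo "cannot set permissive" >&2; return 2; }
            ;;
        Permissive|Disabled)
            ;;  # nothing to relax, nothing to restore later
        *)
            echo "unexpected SELinux mode: $uip_orig" >&2
            return 2
            ;;
    esac

    # Keep the update's exit status, but never skip the restore step.
    uip_rc=0
    $UPDATE_CMD || uip_rc=$?

    if [ "$uip_orig" = "Enforcing" ]; then
        $SETENFORCE 1
        trap - INT TERM
        # Verify rather than assume: a system left permissive is the real risk.
        if [ "$($GETENFORCE)" != "Enforcing" ]; then
            echo "WARNING: SELinux was NOT restored to enforcing" >&2
            return 3
        fi
    fi
    return "$uip_rc"
}

# Run as root with --run to perform the update; without it only the function is defined.
if [ "${1:-}" = "--run" ]; then
    update_in_permissive
fi
```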