2.3-9 simplified the method for is_selinux_enabled() to be faster and doesn't create deadlocks. This change broke systems with SELinux enabled but without selinux-policy package installed. This update adds a check of existence of /etc/selinux/config. In case there's no such file in a system, SELinux is considered disabled even if it's running on SELinux enabled kernel.
sudo dnf upgrade --advisory=FEDORA-2015-8908
|submitted||4 years ago|
|in testing||4 years ago|
|in stable||3 years ago|
|0||0||#1219045 changes to is_selinux_enabled() renders machines unbootable which never had selinux installed or active|
|0||0||#1219718 matchpathcon_init_prefix() does not behave as advertised|