I did a yum update and then launched preupgrade. It downloaded all the necessary F10 RPMs and said it was ready for reboot. I rebooted into the installer and was greeted with an error message saying it couldn't find the RPM repository. I surmised that the installer hadn't mounted my /var partition (Preupgrade creates a local RPM repository at /var/cache/yum/preupgrade/). I did some searching and found Bugzilla bug 473782, which describes this exact problem. The fix was to reboot back into Fedora 9 and install Preupgrade 1.0.1-1 from the testing repository with the following command:
yum --enablerepo=updates-testing-newkey update preupgrade
I then launched Preupgrade again, rebooted into the installer, and successfully upgraded from Fedora 9 to Fedora 10. I rebooted into Fedora 10 and did a full yum update. I then noticed that I couldn't SSH into this Fedora 10 machine using SSH keys anymore. I did some more searching and found Bugzilla bug 473014. It seems that the upgrade process changes the SELinux security context on the user .ssh directories. The fix is to run the following command as root:
Haven't seen any other problems so far.
restorecon -r /home/*/.ssh
1 comment:
Man, thanks for this post. Saved me a ton of time! That's a new SELinux type that I hadn't seen before, so when I upgraded from F8 to F10, this totally snagged me.
For reference: ~/.ssh should have the following context:
system_u:object_r:ssh_home_t:s0
Then all's well. In prior distributions, it was:
system_u:object_r:unlabeled_t:s0
And the errors in my audit.log looked like this:
type=AVC msg=audit(1237917540.001:138): avc: denied { search } for pid=8172 comm="sshd" name=".ssh" dev=md3 ino=56590337 s
context=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
Again, thanks!
Post a Comment