Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Policy backward compatibility
From: Stephen Smalley <sds_at_epoch.ncsc.mil>
Date: Thu, 08 Apr 2004 13:09:32 -0400
Yes, I think so. Might be a front-end wrapper for checkpolicy that calls the right checkpolicy-{kernelrelease} binary to generate the policy for that kernel release.
> What would the scheme be if you had to for some reason boot an older kernel If you include the kernel release in the policy pathname (e.g. /etc/security/selinux/`uname -r`/policy), as with kernel modules (/lib/modules/`uname -r`), then the old policy should still be there and should be used by the older kernel if you reboot it. -- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 8 Apr 2004 - 13:09:46 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |