Research
Skip Research Menus
Research MenuSecurity Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links |
SELinux Mailing ListRe: selinux-policy-mls is now available for your testing pleasure.
From: Paul Moore <paul.moore_at_hp.com>
Date: Wed, 20 Apr 2005 08:54:55 -0400
>> 5 Enabled the MLS policy via the Fedora GUI tool and ensured that the >> relabel option was selected >> 6 Rebooted with the new MLS policy only to have the machine lock, >> it wasn't able to execute something related to init (I should have >> taken better notes here - sorry) > > > You still need to perform the manual mointpoint relabeling per the MLS > readme. > Yup, figured that one out the hard way ... ;) ... just figured I would mention it here since Dan's original post didn't make any reference to having to do any manual relabel operations. >>10 Rebooted with 'single' and noticed lots of permission denied >> messages pertaining to '/dev/.udevdb/*' files > > Odd, I haven't seen that. Taking a bit of a closer look, the files with a permission denied error seem to be missing a SELinux context as well as any permission flags as well as an owner and group (ls -Z fills the fields in with a '?'). I'll try fixing them manually (or maybe just deleting them since it looks like udev recreates them on boot anyway) and see what happens.
> Did you update to all of the new SELinux packages in Dan's FTP directory? Not originally no, but looking at them this morning all the versions I have installed are the same versions as Dan's or newer. I also noticed that Dan setup that directory as a YUM repository so I added it to my list and did a yum update - no new/updated packages. >>12 Rebooted normally, i.e. 'rhgb quiet 5', and X failed to start > > > Haven't tried X yet, not sure it's supposed to work. > > > - James -- . paul moore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . paul.moore@hp.com hewlett packard . (603) 884-5056 linux security -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Wed 20 Apr 2005 - 08:59:53 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |