1 |
I'm pretty overwhelmed by selinux...It doesn't really make all that much |
2 |
sense, but one thing that's been bothering me is what looks like a |
3 |
policy version mismatch after a kernel upgrade: |
4 |
|
5 |
# cat /selinux/policyvers |
6 |
17 |
7 |
|
8 |
Yet, |
9 |
|
10 |
# make load |
11 |
* Loading policy.15 |
12 |
|
13 |
And selinux does not function at all. (Entering enforcing mode just |
14 |
renders the system unusable.) The system worked fine in enforcing mode |
15 |
(with a few exceptions: djbdns/daemontools, and a few other minor |
16 |
things) with kernel 2.6.3-mm2. With kernels 2.6.5-mm1, 2.6.5-mm6 I get |
17 |
totally wonky, unpredictable behavior. (Like, I get asked for a login |
18 |
context sometimes, but not all the time.) I also don't get avc denied |
19 |
messages anymore, and a make relabel doesn't spit out errors, but a |
20 |
dmesg (after a make relabel) contains thousands of: |
21 |
|
22 |
inode_doinit_with_dentry: context_to_sid(system_u:object_r:opt_t) |
23 |
returned 22 for dev=md0 ino=96815665 |
24 |
|
25 |
Any ideas? |
26 |
|
27 |
Cheers, |
28 |
|
29 |
jon |
30 |
|
31 |
-- |
32 |
gentoo-hardened@g.o mailing list |