| 1 |
On Fri, 2004-01-09 at 05:41, Tiago Lima wrote: |
| 2 |
> What do you mean by "relabel (devfsd at least)" ? |
| 3 |
|
| 4 |
Actually, I take this back, you should to a full relabel, since the new |
| 5 |
base-policy is being merged. When I say full relabel, I mean go to the |
| 6 |
policy dir and 'make relabel'. When I said relabel devfsd, I meant |
| 7 |
'rlpkg devfsd'. |
| 8 |
|
| 9 |
> So for now just deleting the devfsd.te and devfsd.fc files and "make load" (or |
| 10 |
> make reload ?) and make relabel (followed by a reboot ?) should work ? |
| 11 |
|
| 12 |
Correct. |
| 13 |
|
| 14 |
> $ make initrd |
| 15 |
|
| 16 |
If you're using the /sbin/seinit on the kernel command line, you don't |
| 17 |
need to use an initrd anymore. The initrd for just the policy does not |
| 18 |
include any kernel modules, so it is not dependant on the kernel |
| 19 |
version. If you wanted to change the name of it, you could modify the |
| 20 |
INITRD= in the policy Makefile. The current policy version is 15 |
| 21 |
(notice the binary policy file is policy.15), and just as long as the |
| 22 |
kernel supports this policy version, the policy in the initrd is |
| 23 |
compatible. Don't worry about the policy version changing, it rarely |
| 24 |
changes, and if it does, you'll hear about it from me :) . |
| 25 |
|
| 26 |
-- |
| 27 |
Chris PeBenito |
| 28 |
<pebenito@g.o> |
| 29 |
Developer, |
| 30 |
Hardened Gentoo Linux |
| 31 |
Embedded Gentoo Linux |
| 32 |
|
| 33 |
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243 |
| 34 |
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243 |
Archives