| 1 |
Hey all, |
| 2 |
|
| 3 |
I encountered the same problems, I solved them by not loading the |
| 4 |
SELinux policy from within the chroot, see below. |
| 5 |
|
| 6 |
>>> Errors: |
| 7 |
>>> |
| 8 |
>>> ERROR sys_kernel/hardened-sources-2.6.11-r15 failed |
| 9 |
>>> function dyn_preinst, Line 1231 Exitcode 1 |
| 10 |
>>> Failed to set SELinux Security Labels. |
| 11 |
>>> |
| 12 |
>>> |
| 13 |
> DP> I wish I could tell you exactly where the correct CD is, but I've |
| 14 |
> DP> forgotten. I can just assure you that it is possible to browse the |
| 15 |
> DP> mirror and find an SELinux LiveCD. One other problem with it... the |
| 16 |
> DP> included kernel is too old for nptl. |
| 17 |
> |
| 18 |
> |
| 19 |
|
| 20 |
<snip> |
| 21 |
|
| 22 |
> Today I had same problems. |
| 23 |
> i've used livecd-x86-selinux-20040616-1.iso and stage3-x86-selinux-piessp-20050726.tar.bz2 |
| 24 |
> |
| 25 |
|
| 26 |
I use the same stage and this livecd: |
| 27 |
|
| 28 |
"http://my.gentoo.mirror.tld/gentoo/experimental/x86/hardened/livecd/hardened-x86-2005.1.iso" |
| 29 |
|
| 30 |
IIRC I encounter the "Failed to set SELinux Security Labels." error |
| 31 |
message when I somehow try to load the selinux policy from within the |
| 32 |
chroot. I simply don't bother about the policy at this stage and just |
| 33 |
relabel the fs after first boot. I have FEATURES="loadpolicy" commented |
| 34 |
out in make.conf to prevent portage from loading the policy from within |
| 35 |
the chroot. I haven't used nptl, but the livecd I use has a pretty |
| 36 |
recent kernel (2.6.11?), so I guess that shouldn't be a problem. |
| 37 |
|
| 38 |
Ewald Wasscher |
Archives