1 |
Hey all, |
2 |
|
3 |
I encountered the same problems, I solved them by not loading the |
4 |
SELinux policy from within the chroot, see below. |
5 |
|
6 |
>>> Errors: |
7 |
>>> |
8 |
>>> ERROR sys_kernel/hardened-sources-2.6.11-r15 failed |
9 |
>>> function dyn_preinst, Line 1231 Exitcode 1 |
10 |
>>> Failed to set SELinux Security Labels. |
11 |
>>> |
12 |
>>> |
13 |
> DP> I wish I could tell you exactly where the correct CD is, but I've |
14 |
> DP> forgotten. I can just assure you that it is possible to browse the |
15 |
> DP> mirror and find an SELinux LiveCD. One other problem with it... the |
16 |
> DP> included kernel is too old for nptl. |
17 |
> |
18 |
> |
19 |
|
20 |
<snip> |
21 |
|
22 |
> Today I had same problems. |
23 |
> i've used livecd-x86-selinux-20040616-1.iso and stage3-x86-selinux-piessp-20050726.tar.bz2 |
24 |
> |
25 |
|
26 |
I use the same stage and this livecd: |
27 |
|
28 |
"http://my.gentoo.mirror.tld/gentoo/experimental/x86/hardened/livecd/hardened-x86-2005.1.iso" |
29 |
|
30 |
IIRC I encounter the "Failed to set SELinux Security Labels." error |
31 |
message when I somehow try to load the selinux policy from within the |
32 |
chroot. I simply don't bother about the policy at this stage and just |
33 |
relabel the fs after first boot. I have FEATURES="loadpolicy" commented |
34 |
out in make.conf to prevent portage from loading the policy from within |
35 |
the chroot. I haven't used nptl, but the livecd I use has a pretty |
36 |
recent kernel (2.6.11?), so I guess that shouldn't be a problem. |
37 |
|
38 |
Ewald Wasscher |