1 |
Ok, that makes sense, Mike. |
2 |
The fact that my policies had not been loaded (see postings of a couple |
3 |
of days ago) seems |
4 |
to have done a number on my system. I think I'll do a complete emerge |
5 |
world tonight.. |
6 |
|
7 |
--john |
8 |
|
9 |
Mike Edenfield wrote: |
10 |
> John Huttley wrote: |
11 |
>> Hi, |
12 |
>> I've had a situation where most of my daemons were running in the |
13 |
>> initrc_t domain. |
14 |
>> Although the correct selinux-* packages were emerged, the polices |
15 |
>> were not loaded, due to issues with the base policy. |
16 |
>> |
17 |
>> |
18 |
>> I've reemerged the affected packages and that seems to fix the problem. |
19 |
>> |
20 |
>> Is this a general truth? The selinux-xx policy must be emerged, |
21 |
>> installed and running ./before/ emerging the xx package? |
22 |
> |
23 |
> I think this is true, that the policy should be in place before the |
24 |
> package is installed. This way, all of the file contexts and type |
25 |
> rules are in place before the binaries are installed and launched. |
26 |
> |
27 |
> However, if you have "selinux" in your USE flags, portage should pick |
28 |
> up the proper policy packages and emerge them, in the right order, |
29 |
> automatically. |
30 |
> |
31 |
-- |
32 |
gentoo-hardened@g.o mailing list |