A few 'minor' items noted:
1). The install produced protection/access messages when attempting to write/create /etc/selinux/strict/policy/policy.17 (the usual 'creating in .rpmnew' thing). Did this once for selinux-policy-strict and once for selinux-policy-strict-sources.
(I had just completed a 'fixfiles relabel' with selinux-policy-strict-1.13.2-2, so I'm confident that the /etc/selinux directory was properly labeled.)
I then did a manual 'mv policy.17 policy.17.rpmsave; mv policy.17.rpmnew policy.17', rebooted single-user, and did a 'fixfiles relabel', and then rebooted multi-user.
('fixfiles relabel/check' now fails if run in enforcing mode ('Permission denied' for file_contexts). Works if you 'setenforce 0' first. Did I miss a change?)
2). Also, there now is a complete absence of 'avc' messages in /var/log/messages. Is this expected?
3). I checked the scripts on the policy rpms and it looks like the reference to 'POLICYTYPE' is gone (replaced with 'SELINUXTYPE'). Is it safe to remove the 'POLICYTYPE=strict' line from /etc/sysconfig/selinux and from /etc/selinux/config? Can I safely remove one file?
Thanks for the updates! tom
