Stephen Smalley wrote:
On Fri, 2004-06-04 at 10:53, Daniel J Walsh wrote:Yes this is because you were running with strict policy before, so I expected you to run with strict policy afterwards. Yum update would have pulled both strict and targeted.
Todays selinux-polcy-* RPMS attempt to handle the /etc/selinux/config and /etc/sysconfig/selinux files in the post install.
Please check them out.
On a system that had not yet installed either selinux-policy-strict or selinux-policy-targeted (just policy and policy-sources and no /etc/selinu/config), I ran: yum update SysVinit libselinux yum install selinux-policy-targeted selinux-policy-targeted-sources
It installed the targeted policy as expected, but /etc/selinux/config has SELINUXTYPE=strict in it.
So Initial install gets targeted, upgrade from FC2 with policy gets strict. The one hole in the strategy is upgrading a policy -> targeted without installing strict.
Dan
