On Thu, 2004-10-14 at 13:21, Kodungallur Varma wrote: > when I "make load" a new policy I have the following sequence > in the console.. <snip> > /usr/sbin/load_policy /etc/security/selinux/policy.`cat /selinux/policyvers` > Can't open '/etc/security/selinux/policy.18': No such file or directory > make: *** [tmp/load] Error 2 > ---------------------------------------------------- > the last two lines...why is it trying to open policy.18...I dont even > have it and in the last line it says error. is there some way to fix > it. thanx a lot.. Are you using Fedora Core 2 with an updated kernel? SELinux support was broken in Fedora Core 2 by a couple of kernel updates due to a lack of any coordinated update to policy and related tools; complain in bugzilla to RedHat. Two different changes occurred in the kernel, I think; new initial SID for re-opening closed descriptors to /dev/null, and new policy version for fine-grained netlink classes. You can workaround the immediate problem by editing your policy Makefile and replacing: $(LOADPOLICY) $(POLICYPATH)/policy.`cat /selinux/policyvers` with: $(LOADPOLICY) $(LOADPATH) But I'd recommend installing Fedora Core 3 / test3 instead, then switch to strict policy via system-config-securitylevel and reboot if you want the strict policy (vs. the default in FC3, the targeted policy). FC2 SELinux support seems to be unmaintained, AFAICS. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
