On Wed, 01 Dec 2004 11:08:31 -0500, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > Tom London wrote: > Can you try selinux-policy-strict-1.19.8-4 out on my > > ftp://people.redhat.com/dwalsh/SELinux/Fedora > > I added can_exec_any(bootloader_t) which should allow it to run > consoletype. Not sure what the > etc_t:file execute is about, the others are just because you are running > under permissive mode. > > Dan > Dan, Thanks for the updated policy. I installed via 'rpm -Uvh' both selinux-policy-strict and selinux-policy-strict-sources, rpm -e'ed the latest kernel install, and redid 'yum update' with strict/enforcing. Got the following: Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing: kernel 100 % done 1/1 /bin/bash: /root/.bashrc: Permission denied Installed: kernel.i686 0:2.6.9-1.1008_FC4 Complete! [The usual output}. No avc's in log, and it looks like files under /boot were successfully installed. Thanks! tom -- Tom London
