Daniel J Walsh wrote:
Paul Moore wrote:
Dan's latest MLS policy RPM (as well as some past versions) has a
patch in it, mlspol.patch, which contains the following change for
initial_sid_contexts:
-sid kernel system_u:system_r:kernel_t:s0 - s9:c0.c127
+sid kernel system_u:system_r:kernel_t:s9:c0.c127
From what I can tell this causes some problems, the biggest of which
being that init starts at s9 which can cause the system to die on boot
when trying to fsck the filesystems. I'm not entirely sure why this
change was made as I would think we would want the kernel to run at
s0-s9 or at the very least s0. Can someone clue me in as to why we
want to run the kernel at s9 or, Dan, can you change it back to s0 - s9?
Thanks,
I will go with either way. I don't recall why the change was made.
If given a choice I would say s0 - s9 makes the most sense.
--
. paul moore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. paul.moore@xxxxxx hewlett packard
. (603) 884-5056 linux security
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
