How to apply new policy exactly?

"Benjamin Tsai" <benjamin.tsai@xxxxxxxxxxxxxx> · Mon, 11 Sep 2006 19:08:20 +0800

Dear all:

           I’ve
downloaded refpolicy source from tresys’s website and tried to install it on my
FC5 box. 

           However,
there’re some problems I’m not able to fix it so far. According to online
documents, I first setenforce 0.

           In
build.conf I enabled DISTRO=redhat, then make install-src under
/etc/selinux/refpolicy

make conf; make policy;
make install; make load under /etc/selinux/refpolicy/src/policy

1.       While
executing make load, it replied that policy file argument policy.20 is no
longer supported, The next line showed “continue…”

I was so confused here
that it looked like refpolicy is not loaded yet. So how do I feed it a “supported
policy file”?

2.       Besides,
is there any way I can check if the policy is loaded? My guess is sestatus.

3.       If
I neglected the “loading-policy-thing” and make relabel directly, then I’ll got

Relabeling filesystem types: ext2 ext3 xfs jfs

/usr/sbin/setfiles
/etc/selinux/refpolicy/contexts/files/file_contexts / /boot

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 79 has invalid context system_u:object_r:quota_db_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 121 has invalid context system_u:object_r:svc_svc_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 139 has invalid context system_u:object_r:ipsec_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 147 has invalid context system_u:object_r:ipsec_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 153 has invalid context system_u:object_r:ipsec_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 189 has invalid context system_u:object_r:ipsec_mgmt_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 213 has invalid context system_u:object_r:ipsec_mgmt_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 214 has invalid context system_u:object_r:ipsec_exec_t

/etc/selinux/refpolicy/contexts/files/file_contexts: 
line 245 has invalid context system_u:object_r:portage_exec_t

Exiting after 10 errors.

make: *** [relabel] Error 1

           Though,
I believe this error comes after the unmatched running policy.

Please give me some instructions
to fix up problems listed above. Thank you guys J

Best
Regards,

Benjamin Tsai

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list