On Fri, 18 Jan 2008, Valdis.Kletnieks@xxxxxx wrote: > Posting to both lists because I'm not sure who's at fault here.... > > System is a Dell Latitude D820, x86_64 kernel, userspace is basically > Fedora Rawhide as of earlier today, in particular selinux-policy-mls-3.2.5-12.fc9 > > Trying to boot a 2.6.24-rc8-mm1 kernel gets me these msgs: > > security: 5 users, 8 roles, 2043 types, 102 bools, 16 sens, 1024 cats > security: 67 classes, 164754 rules > security: class peer not defined in policy > security: permission recvfrom in class node not defined in policy > security: permission sendto in class node not defined in policy > security: permission ingress in class netif not defined in policy > security: permission egress in class netif not defined in policy > security: permission forward_in in class packet not found in policy, bad policy > security: the definition of a class is incorrect This looks the same as what akpm hit. Paul Moore has updated his labeled networking patches (see Subject: [RFC PATCH v12 00/18] Labeled networking changes for 2.6.25), and you could try dropping those into the broken out -mm in place of the existing git patch, or just wait for a new -mm. > > 2.6.24-rc6-mm1 said this instead: > > security: class peer not defined in policy > security: permission recvfrom in class node not defined in policy > security: permission sendto in class node not defined in policy > security: permission ingress in class netif not defined in policy > security: permission egress in class netif not defined in policy > SELinux: policy loaded with handle_unknown=deny > > and then proceeded to work OK. > > (I suspect this may be the same thing Andrew Morton hit, but I can't be sure). > > Anybody got hints on how to move forward? Or is a fixed policy already in the > Rawhide pipe? > > -- James Morris <jmorris@xxxxxxxxx> -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
