On Tue, 2008-07-08 at 11:10 +0200, Jan Kasprzak wrote: > Hello, > > how do I enable SELinux on a custom kernel? I have looked into > the system initrd, and it seems the policy is loaded by the "loadpolicy" > command in nash. Is it possible to use SELinux with Fedora without > having to use initrd? Prior to Fedora 9, Fedora used a patched /sbin/init program to perform the initial policy load (it would load policy and then re-exec itself in order to enter the correct domain). Fedora 9 switched over to loading policy from the initrd. Your options would seem to be: - use an initrd (easiest), - re-patch your /sbin/init program, - try to do it from inittab or rc.sysinit (but the problem there is that it doesn't get /sbin/init itself into the right domain). -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
