On 09/15/2014 02:43 PM, Lakshmipathi.G wrote:
> For past 10-12hrs, I'm try to get SELinux working with Linode Fedora-20 machine.
> I downloaded new kernel and configured like below.
>
>
> linux-3.16.2]$ cat .config | grep SELINUX
> CONFIG_SECURITY_SELINUX=y
> CONFIG_SECURITY_SELINUX_BOOTPARAM=y
> CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
> CONFIG_SECURITY_SELINUX_DISABLE=y
> CONFIG_SECURITY_SELINUX_DEVELOP=y
> CONFIG_SECURITY_SELINUX_AVC_STATS=y
> CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
> CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX=y
Comment out or remove the above line.
As the Kconfig help text says,
Examples:
For the Fedora Core 3 or 4 Linux distributions, enable this option
and set the value via the next option. For Fedora Core 5 and
later,
do not enable this option.
If you are unsure how to answer this question, answer N.
> #CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE=19 # comment this
> line and tried again.
> CONFIG_DEFAULT_SECURITY_SELINUX=y
>
>
> CONFIG_DEFAULT_SECURITY="selinux"
>
> --
> pv-grub menu.lst
> $ cat /boot/grub/menu.lst
> timeout 1
> title Fedora 20, kernel 3.15.10-201.fc20.x86_64
> root (hd0)
> kernel /boot/vmlinuz root=/dev/xvda rootfstype=ext4 ro quiet selinux=1
>
> ---
> Now during boot I get this message and it hangs there:
>
> libsepol.policydb_write: Warning! policy version 19 cannot support
> permissive types, but some were defined
>
> ===
>
> Any thoughts on how to resolve this issue, before I give up?
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
