On Thu, 2005-12-22 at 09:49 -0500, Stephen Smalley wrote: > In FC5, the security contexts have been extended with an additional > field for the Multi-Category Security (MCS) and Multi-Level Security > (MLS) support, see > http://www.livejournal.com/users/james_morris/5583.html > and > http://www.livejournal.com/users/james_morris/5020.html > > Older SELinux kernels with MLS support disabled (i.e. RHEL4/CentOS4, > FC3, older FC4 kernels) will reject the extended security contexts as > being invalid, which yields the error you are seeing. Some > compatibility patches were upstreamed to help with this problem, and I > think that they went into the latest FC4 kernel update, but I'm not sure > about RHEL4 yet. BTW, the MLS compatibility patch can't just be applied to the RHEL4/CentOS4 kernel as is (the patch would have no real effect by itself), because it depends on a prior patch that mainstreamed the MLS code (turning it from a compile-time option that was disabled in RHEL4 to a load-time option). The MLS code isn't even built into the RHEL4 kernel currently. So the patch would have to be reworked for it. -- Stephen Smalley National Security Agency -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list