You willingly chose to use Redhat/Fedora. Now endure the pain! :-)
I just wished I hadn't! 5 minutes ago I found yet ANOTHER bug - this
time in selinux-policy - the SELinux context on all iptables executables
is set wrong simply because whoever wrote the policy choose the wrong
location of these files - in FC13 they are all installed in /sbin, but
iptables.fc says /usr/sbin so the context is not set. Lovely stuff!
Since the 2 kmod-* and xtabbles-addons rpms do not recognise the custom-built
string after the kernel version -
Sounds like another Fedora problem. I know it works in openSUSE,
but that is probably because they make sure the custom string is
actually _in_ the version (as evidenced by `uname -r`).
So is on FC13 - I just checked and it is displayed - version + custom
string. The problem is that the scripts are actually looking for the
kernel numbers, ASSUMING there is nothing after it. How daft is that?
Yes, someone made a big boo and furthermore did not send the fix to
-stable (actually I don't know that), but what I know is that it
did not appear in -stable yet. And then there is that 2.6.34 is
no longer maintained. Let alone distros mostly don't even think
about updating. So everybody using linux-glibc-devel-2.6.34
(that is the userspace package providing /usr/include/linux) is
screwed.
http://bugs.gentoo.org/show_bug.cgi?id=325257
I just found that out to my cost - need to download the patch, update my
source and rebuild the kernel again, then rinse, repeat with xtables and
hope that it works.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
