Todd Miller wrote: > libsepol.cat_copy_callback: awstats: Category c1000 not declared by > base. libsemanage.semanage_link_sandbox: Link packages failed > /usr/sbin/semodule: Failed! > make: *** [load] Error 1 This looks like an issue with overriding the default redhat policy and the non-default number of categories they support. If I install things into a separate tree under /etc/selinux the check in sepol_policydb_set_vers() doesn't get triggered at all by semodule since p->mls will not be set due to automatic downgrading in policydb_write(). So I'm not sure how we could do both automatic downgrading for the kernel load but not for semodule (or if we'd even want to). - todd -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
