-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If you have a kernel that supports policy.21 and a tool chain that supports policy.22 newer versions of policy and semanage changes will update policy.22. However if there is a policy.21 around upstart will load this on a reboot. (I guess init would have done the same.) If the policy.21 does not exist libselinux will grab the highest policy version and try to load it. This is causing unlabeled_t files to be showing up. Basically if I install a new policy with a new type, and then assign the context to a file, the next reboot will cause the file to be labeled unlabeled_t. I suggest that we either remove policy versioning all together, or change libselinux to default to loading the highest policy version. Either way the current loading of policy is broken. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkf6ywoACgkQrlYvE4MpobPKuwCePdHBoGYI13pVvugI/B9veFGo 88UAoKjr7Dp5gIaVW91rfbxgJQhngLCZ =sAa6 -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
