On Fri, 2010-01-08 at 15:51 -0500, Joshua Brindle wrote: > Joshua Brindle wrote: > > > > > > Stephen Smalley wrote: > >> On Fri, 2010-01-08 at 15:19 -0500, Joshua Brindle wrote: > <snip> > > oops, I foolishly scanned looking for policy.kern. > > > > No, it is worse than that, I wasn't actually running the code I was > claiming to (as evidenced by the priority level and hll files) > > Up to patch 4 my /var/lib/selinux now looks like this: > > [root@F12 active]# find /var/lib/selinux/ > /var/lib/selinux/ > /var/lib/selinux/targeted > /var/lib/selinux/targeted/semanage.read.LOCK > /var/lib/selinux/targeted/semanage.trans.LOCK > /var/lib/selinux/targeted/active > /var/lib/selinux/targeted/active/modules > /var/lib/selinux/targeted/active/modules/abrt.pp > /var/lib/selinux/targeted/active/modules/ada.pp > ... > /var/lib/selinux/targeted/active/modules/xguest.pp > /var/lib/selinux/targeted/active/modules/zabbix.pp > /var/lib/selinux/targeted/active/modules/zebra.pp > /var/lib/selinux/targeted/active/modules/zosremote.pp > /var/lib/selinux/targeted/active/base.pp > /var/lib/selinux/targeted/active/file_contexts.template > /var/lib/selinux/targeted/active/homedir_template > /var/lib/selinux/targeted/active/users_extra > /var/lib/selinux/targeted/active/commit_num > /var/lib/selinux/tmp > > > so I don't have any final files in targeted anymore, though I didn't try > to stop semodule half-way and look in tmp. I haven't tried only up through patch 4, only with all 13 patches applied. Also, I have all Fedora policies installed (yum install selinux-policy*), so I have mls, targeted, and minimum, although targeted is the active one. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
