rawhide report: 20040331 changes
Stephen Smalley
sds at epoch.ncsc.mil
Thu Apr 1 13:30:15 UTC 2004
On Wed, 2004-03-31 at 11:07, Tim Waugh wrote:
> A word of warning: the version number of the policy file has changed
> in the kernel but some userland bits aren't in sync with it, causing
> file context labelling not to get done. Fresh installs are likely to
> fail.
What userland bits caused a problem, so that we can avoid similar
problems in the future? Compatibility should have been preserved:
- the new kernel included code to accept either the new or old policy
format
- checkpolicy already included support for generating either policy
format
- SysVinit already included support for loading either policy format
It is true that the newer policy features can't be used until the policy
package is updated to start building the new policy format, but that
shouldn't have prevented continued operation of the new kernel with the
older policy.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-devel-list
mailing list