[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: selinux policy change yields unbootable initrd
- From: Stephen Smalley <sds tycho nsa gov>
- To: Will Woods <wwoods redhat com>
- Cc: fedora-selinux-list redhat com
- Subject: Re: selinux policy change yields unbootable initrd
- Date: Mon, 19 Mar 2007 09:22:18 -0400
On Fri, 2007-03-16 at 18:26 +0000, Will Woods wrote:
> On Fri, 2007-03-16 at 14:06 -0400, Euman wrote:
>
> > Ive been following this issue on several other list and here is what
> > seems to be the problem as far as some FedoraProject see's the issue..
> >
> > Look at ->
> > http://fedoraproject.org/wiki/F7Test2/ReleaseNotes
> >
> > ->
> > [Problems with mkinitrd]
> >
> > they mention the rpm ordering issue and updating anaconda via an
> > .img pkg
>
> That's a different bug.
>
> That bug is a problem with the installer trying to install the mkinitrd
> package - it would sometimes get stuck in an infinite loop on 64-bit
> machines.
>
> My problem is that the SELinux policy is denying mkinitrd some
> permissions it needs to be able to create a working initrd.
>
> Or, rather, it *was* - it seems to work with selinux-policy-2.5.8-5.fc7.
> The changelog mentions prelink, not ldconfig, so I'm not sure what
> actually changed and whether the problem is really fixed or if I'm just
> not seeing it now.
>
> How could I get a diff between the two policies?
If you want a comparison of the actual kernel binary policies, you can
use sediff from setools to display a semantic diff of them.
--
Stephen Smalley
National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]