On Thu, 2004-04-01 at 10:32, Paul Bender wrote:
2. I have had no problems using the vanilla 2.6.4 kernel with the appropiate SELinux options enabled in the config
Just FYI, you'll need to use 2.6.5-rc3 if you want to be able to load newer policies; the binary policy format has changed due to an extension to the SELinux policy engine. The current FC2 devel 2.6.4 kernel includes the changes from 2.6.5-rc3, and the latest FC2 devel policy package has been rebuilt for the new policy version. Compatibility support in the kernel, checkpolicy, and SysVinit has been provided to ease the transition; the new kernel will accept either policy version (but tells userspace to try the latest version first), checkpolicy will generate the old policy version if called with -c (and the policy Makefile has a POLICYCOMPAT definition to use it), and /sbin/init will try loading an older policy version if it cannot find the latest one.