[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [FC3] kernel panic after selinux-policy-targeted update

From: Stephen Smalley <sds tycho nsa gov>
To: For users of Fedora Core releases <fedora-list redhat com>
Subject: Re: [FC3] kernel panic after selinux-policy-targeted update
Date: Wed, 29 Jun 2005 11:22:36 -0400

On Wed, 2005-06-29 at 12:12 -0300, Martín Marqués wrote:
> Shouldn't the update of selinux-policy-targeted force a kernel update to 
> -1.35_FC3?

The problem with older kernels wasn't known at the time, and we still
aren't sure what is causing the pervasive execmod problem in the older
kernels.  The SELinux code itself should be the same, so it seems to be
a side effect of some kernel patch that changed between -1.27 and -1.35.
Now, there will still be some execmod denials with -1.35 and the policy
needs some changes to address those denials, but those are limited to
actual cases where you have a text relocation (e.g. gpg, acroread, ...),
not programs like /sbin/init.  

-- 
Stephen Smalley
National Security Agency

References:
- [FC3] kernel panic after selinux-policy-targeted update
  - From: D. D. Brierton
- Re: [FC3] kernel panic after selinux-policy-targeted update
  - From: Ankit Jain
- Re: [FC3] kernel panic after selinux-policy-targeted update
  - From: Stephen Smalley
- Re: [FC3] kernel panic after selinux-policy-targeted update
  - From: MartÃn MarquÃ©s

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]