[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide report: 20040331 changes

On Wed, 2004-03-31 at 11:07, Tim Waugh wrote:
> A word of warning: the version number of the policy file has changed
> in the kernel but some userland bits aren't in sync with it, causing
> file context labelling not to get done.  Fresh installs are likely to
> fail.

What userland bits caused a problem, so that we can avoid similar
problems in the future?  Compatibility should have been preserved:
- the new kernel included code to accept either the new or old policy
- checkpolicy already included support for generating either policy
- SysVinit already included support for loading either policy format

It is true that the newer policy features can't be used until the policy
package is updated to start building the new policy format, but that
shouldn't have prevented continued operation of the new kernel with the
older policy.

Stephen Smalley <sds epoch ncsc mil>
National Security Agency

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]