Kernel 2.4 on fc2 with selinux?

Stephen Smalley sds at epoch.ncsc.mil
Thu Jun 3 13:07:14 UTC 2004


On Wed, 2004-06-02 at 18:46, maillist at wolke7.net wrote:
> Because of the lack of sys_call_table in kernel 2.6 and other,
> I must "downgrade" the kernel on fc2 from 2.6 to 2.4,
> but selinux should continue to work.

If that is the only reason that you don't want to use 2.6, then you
might want to reconsider.  You can certainly discover the location of
the system call table at module insertion time, but you should really
consider rewriting your module to use a better technique.

> Are the nsa patch and the clean kernel enough
> (http://www.nsa.gov/selinux/code/download3.cfm),
> or must any|all of the fc1 patches be applied for it to work properly?

The NSA patch is relative to the ea+acl+nfsacl+sec patch from
acl.bestbits.at, since SELinux now relies on extended attributes for
file security contexts.  Hence, you would first apply the EA patch and
then apply the NSA patch.  Not sure about the other kernel patches in
the FC1 2.4 kernel.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency



