Install of latest packages....kernel-2.6.6-1.421 fails, selinux-policy-strict-1.13.3-2 succeeds

Tom London selinux at comcast.net
Fri Jun 4 19:41:30 UTC 2004


Stephen,

That did it!  Thanks! (You saved me a lot of time, since I usually don't 
check
fedora-devel-list. I guess I should!)

I needed to use 'single enforcing=0' to do the 'fixfiles relabel'. Lots 
needed relabeling (much in /lib/modules/2.6.6-1.421/).

kernel-2.6.6-1.421 turns avc messages back on!

tom

------------------------------------------------------------------------

    * /From/: Stephen Smalley <sds epoch ncsc mil>

------------------------------------------------------------------------

On Fri, 2004-06-04 at 14:06, Tom London wrote:
> My previous workaround (do 'setenforce 0; yum ....' followed by a 
> relabel) did not work this time. The mkinitrd now fails even under 
> permissive mode:
>     kernel 100 % done 1/1
>     memlock: Cannot allocate memory
>     Couldn't lock into memory, exiting.
>     mkinitrd failed

Also reported on fedora-devel-list; I don't think it is
SELinux-related.  'ulimit -l unlimited' to workaround until a new kernel
is available.

-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency





More information about the fedora-selinux-list mailing list