Version change failure
Stephen Smalley
sds at epoch.ncsc.mil
Thu Oct 28 12:28:20 UTC 2004
On Thu, 2004-10-28 at 00:40, Barry Roomberg wrote:
> I’ve just updated (via yum) a newly installed fedora box.
>
> It thinks my policy should be version 18.
>
> But my make load produced 17.
>
> Ooops.
>
>
>
> What to I need to do to synchronize them?
You can workaround this problem by patching your policy Makefile to load
the policy version it just built rather than the one the kernel is
requesting. A corresponding patch for our policy Makefile is below, but
you will likely have to apply by hand as it has diverged from the FC2
one. Newer kernels do accept older policy versions for backward
compatibility. But you would likely do better to just install FC3 at
this point, switch to strict policy, relabel, and reboot, as SELinux
support in FC2 seems to be stale and unmaintained (not entirely
surprising, since SELinux was disabled by default in it, unlike FC3).
Index: policy/Makefile
===================================================================
RCS file: /nfshome/pal/CVS/selinux-usr/policy/Makefile,v
retrieving revision 1.54
diff -u -r1.54 Makefile
--- policy/Makefile 6 Oct 2004 20:15:11 -0000 1.54
+++ policy/Makefile 14 Oct 2004 17:30:44 -0000
@@ -106,7 +106,7 @@
$(SETFILES) -q -c $(POLICYVER) $(FC)
reload tmp/load: install
- $(LOADPOLICY) $(POLICYPATH)/policy.`cat /selinux/policyvers`
+ $(LOADPOLICY) $(LOADPATH)
touch tmp/load
load: tmp/load
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list