[FC3] kernel panic after selinux-policy-targeted update

Stephen Smalley sds at tycho.nsa.gov
Tue Jun 28 15:20:03 UTC 2005


On Tue, 2005-06-28 at 23:11 +1000, Ben Stringer wrote:
> Everything seems to be back to normal. My next steps (when I can afford
> the time of having the laptop unavailable) will be to boot into the new
> kernel. still using the previous policy file, confirm all is good with
> that, then re-apply the new policy update and see if the same problems
> occur.

When/if you do that, put the machine into permissive mode (setenforce
0), clear /var/log/messages, and enable syscall auditing (auditctl -e 1)
prior to applying the policy update.  It would also help to run one of
the failing programs under strace and collect that output.

-- 
Stephen Smalley
National Security Agency




More information about the fedora-list mailing list