Caveat: checkpolicy broken with respect to policy
Stephen Smalley
sds at epoch.ncsc.mil
Thu Aug 26 19:37:34 UTC 2004
Hi,
policy 1.17.3 and later are not being handled properly by checkpolicy,
because the update that was supposed to go out with checkpolicy-1.16.2
was not built properly due to a packaging mistake. End result: All
reserved ports are remapped to reserved_port_t, and most daemons will
fail during startup due to a lack of name_bind permission, at least with
strict policy. Fixed checkpolicy should be available soon.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list