Installing the new policy
Stephen Smalley
sds at epoch.ncsc.mil
Wed Jun 2 16:32:01 UTC 2004
On Sat, 2004-05-29 at 15:49, Bob Gustafson wrote:
> I wonder if the main problem is a missing /etc/selinux/config file which
> probably tells pieces of the system which of the policy-strict, etc. files
> to use (??)
Yes, you need to create it manually at present, I think. It replaces
/etc/sysconfig/selinux (so you still need a SELINUX=enforcing line) and
adds a SELINUXTYPE= definition to indicate the active policy (e.g.
strict or targeted).
> I updated my system and did a 'yum install policy\*` (maybe also
> selinux-policy\* too)
You need an updated libselinux, policycoreutils, and SysVinit in
addition to selinux-policy-strict or selinux-policy-targeted. And you
need to relabel to get the right types on the /etc/selinux tree.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list