[Fwd: Re: who provides /etc/sysconfig/selinux?]
Daniel J Walsh
dwalsh at redhat.com
Fri Jun 4 17:24:55 UTC 2004
Stephen Smalley wrote:
>On Fri, 2004-06-04 at 10:53, Daniel J Walsh wrote:
>
>
>>Todays selinux-polcy-* RPMS attempt to handle the /etc/selinux/config
>>and /etc/sysconfig/selinux files in the post install.
>>
>>Please check them out.
>>
>>
>
>On a system that had not yet installed either selinux-policy-strict or
>selinux-policy-targeted (just policy and policy-sources and no
>/etc/selinu/config), I ran:
>yum update SysVinit libselinux
>yum install selinux-policy-targeted selinux-policy-targeted-sources
>
>It installed the targeted policy as expected, but /etc/selinux/config
>has SELINUXTYPE=strict in it.
>
>
>
Yes this is because you were running with strict policy before, so I
expected you to run with strict policy afterwards. Yum update would
have pulled both strict and targeted.
So Initial install gets targeted, upgrade from FC2 with policy gets
strict. The one hole in the strategy is upgrading a policy -> targeted
without installing strict.
Dan
More information about the fedora-selinux-list
mailing list