New design for policy on disk allowing multiple policy rpms to be simultaniously installed.
Bill Nottingham
notting at redhat.com
Tue May 25 19:37:58 UTC 2004
Daniel J Walsh (dwalsh at redhat.com) said:
> 5. Tools and libraries (fixfiles, libselinux, init, and setools) will be
> modified to use the /etc/sysconfig/selinux file to determine which
> policy to currently use on the system and where the policy files are
> located.
>
> 6. If during the install /etc/sysconfig/selinux does not exist or does
> not contain an entry for the type of policy, the first one installed
> will set the context to itself.
>
> cat /etc/sysconfig/selinux
> #
> # Change the following line to enforcing, permissive or disabled.
> # On the next boot the machine will come up in one the selected mode
> #
> SELINUX=enforcing
> #
> # Select the type of policy that you are running current values are
> # strict and targeted
> #
> SELINUXTYPE=strict
This requires rewriting the config tool to handle this (and not
blow it away each time it's run... currently it will.)
Bill
More information about the fedora-selinux-list
mailing list