SELinux silently disabled on boot under 2.6.14/2.6.14.2 on FC3 system ?
Dave Jones
davej at redhat.com
Mon Nov 14 18:00:09 UTC 2005
On Mon, Nov 14, 2005 at 12:07:00PM -0500, Bill Nottingham wrote:
> CC'ing Dave.
>
> Stephen Smalley (sds at tycho.nsa.gov) said:
> > In rawhide, /sbin/init has been changed to use a libselinux helper
> > function to load policy that is more resilient in several respects, and
> > I think that the plan was to back port those changes to FC3 if/when a
> > 2.6.14 kernel is released for it.
>
> 2.6.14 for FC3 isn't planned, as far as I know.
Correct. FC3 will stay at 2.6.12 until end of life.
Any remaining kernel updates will likely be security errata only
at this point.
> > FC4 is still ok since there has only
> > been one version increment since it was shipped, but will encounter the
> > same issue when/if another version increment occurs and the
> > corresponding kernel is released for it, so it should also get the
> > new /sbin/init and libselinux helper code.
>
> Hm, OK. We'll probably need poked again if/when that happens.
FC4 will continue to rebase to newer upstream kernels until a few
months before its end of life. (As has happened with FC3).
Dave
More information about the fedora-selinux-list
mailing list