[RFC] change policy loading to initramfs
John Reiser
jreiser at BitWagon.com
Thu Jan 24 02:00:22 UTC 2008
Bill Nottingham wrote:
> The snippet you quoted *does* print strerror(errno)... there are
> various other errors that the SELinux routines catch, but they
> aren't propagated up in any way that that patch could catch.
So it looks like the message for a missing file might be:
Unable to load SELinux policy (No such file or directory). Halting now.
This is exactly what happened to me in F8, and it was horrible:
https://bugzilla.redhat.com/show_bug.cgi?id=343861
The ultimate cause was a bug in pungi:
https://bugzilla.redhat.com/show_bug.cgi?id=343851
but the error was not discovered until install time (anaconda),
and the error message did not give the name of [any] missing file.
It is unacceptable to say "No such file or directory" unless
it also gives the full literal name of some such file that was
sought, and could have been used (if present and correctly formatted, etc.)
The missing filename turned out to be:
/etc/selinux/targeted/policy/policy.21
*IF* that filename had appeared with the original message:
Can't load policy: no such file or directory
then it would have been *very* much easier to debug and fix.
--
More information about the fedora-selinux-list
mailing list