On Thu, 31 Jan 2008, James Morris wrote:
Some SELinux changes have just been merged upstream, which include a
bump
in the SELinux policy version to support dynamic querying of policy
capabilities.
The new maximum supported policy version is 22, so we need this in
.config:
CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE=22
Actually, we don't. Update from Stephen Smalley:
----
Shouldn't actually be needed (or desired). That config option is only
when we need to force /selinux/policyvers to a specific value other than
the real max supported by the kernel, and was introduced for legacy
compatibility with Fedora 3 and 4, as noted in the help text. And the
option won't even be set at all unless its parent option
(CONFIG_SECURITY_SELINUX_POLICYDB_MAX) is set.
Currently unset in Fedora devel CVS, as desired.
----
--
James Morris
<jmorris(a)namei.org>