On Wed, 2004-06-02 at 13:55, Tom London wrote:
('fixfiles relabel/check' now fails if run in enforcing mode ('Permission denied' for file_contexts). Works if you 'setenforce 0' first. Did I miss a change?)
No, this is a bug in the policy; setfiles_t needs r_dir_file(setfiles_t, file_context_t).
2). Also, there now is a complete absence of 'avc' messages in /var/log/messages. Is this expected?
No. Auditing disabled in latest kernel for some reason.
3). I checked the scripts on the policy rpms and it looks like the reference to 'POLICYTYPE' is gone (replaced with 'SELINUXTYPE'). Is it safe to remove the 'POLICYTYPE=strict' line from /etc/sysconfig/selinux and from /etc/selinux/config? Can I safely remove one file?
Yes, and only /etc/selinux/config should be used now.