Re: Setting-up Fedora-20 SELinux with Linode
On 09/15/2014 02:43 PM, Lakshmipathi.G wrote:
For past 10-12hrs, I'm try to get SELinux working with Linode
Fedora-20 machine.
I downloaded new kernel and configured like below.
linux-3.16.2]$ cat .config | grep SELINUX
CONFIG_SECURITY_SELINUX=y
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_DISABLE=y
CONFIG_SECURITY_SELINUX_DEVELOP=y
CONFIG_SECURITY_SELINUX_AVC_STATS=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX=y
Comment out or remove the above line.
As the Kconfig help text says,
Examples:
For the Fedora Core 3 or 4 Linux distributions, enable this option
and set the value via the next option. For Fedora Core 5 and
later,
do not enable this option.
If you are unsure how to answer this question, answer N.
#CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE=19 # comment
this
line and tried again.
CONFIG_DEFAULT_SECURITY_SELINUX=y
CONFIG_DEFAULT_SECURITY="selinux"
--
pv-grub menu.lst
$ cat /boot/grub/menu.lst
timeout 1
title Fedora 20, kernel 3.15.10-201.fc20.x86_64
root (hd0)
kernel /boot/vmlinuz root=/dev/xvda rootfstype=ext4 ro quiet selinux=1
---
Now during boot I get this message and it hangs there:
libsepol.policydb_write: Warning! policy version 19 cannot support
permissive types, but some were defined
===
Any thoughts on how to resolve this issue, before I give up?