CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX=y
Yes!! Thanks, after commenting out above option, now It worked :)
----
Cheers,
Lakshmipathi.G
FOSS Programmer.
www.giis.co.in/readme.html
On Tue, Sep 16, 2014 at 1:29 AM, Stephen Smalley <sds(a)tycho.nsa.gov> wrote:
> On 09/15/2014 02:43 PM, Lakshmipathi.G wrote:
>> For past 10-12hrs, I'm try to get SELinux working with Linode Fedora-20
machine.
>> I downloaded new kernel and configured like below.
>>
>>
>> linux-3.16.2]$ cat .config | grep SELINUX
>> CONFIG_SECURITY_SELINUX=y
>> CONFIG_SECURITY_SELINUX_BOOTPARAM=y
>> CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
>> CONFIG_SECURITY_SELINUX_DISABLE=y
>> CONFIG_SECURITY_SELINUX_DEVELOP=y
>> CONFIG_SECURITY_SELINUX_AVC_STATS=y
>> CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
>
CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX=y
>
> Comment out or remove the above line.
> As the Kconfig help text says,
> Examples:
> For the Fedora Core 3 or 4 Linux distributions, enable this option
> and set the value via the next option. For Fedora Core 5 and
> later,
> do not enable this option.
>
> If you are unsure how to answer this question, answer N.
>
>
>> #CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE=19 # comment this
>> line and tried again.
>> CONFIG_DEFAULT_SECURITY_SELINUX=y
>>
>>
>> CONFIG_DEFAULT_SECURITY="selinux"
>>
>> --
>> pv-grub menu.lst
>> $ cat /boot/grub/menu.lst
>> timeout 1
>> title Fedora 20, kernel 3.15.10-201.fc20.x86_64
>> root (hd0)
>> kernel /boot/vmlinuz root=/dev/xvda rootfstype=ext4 ro quiet selinux=1
>>
>> ---
>> Now during boot I get this message and it hangs there:
>>
>> libsepol.policydb_write: Warning! policy version 19 cannot support
>> permissive types, but some were defined
>>
>> ===
>>
>> Any thoughts on how to resolve this issue, before I give up?
>
>
>