install of kernel-2.6.7-1.492: mkinitrd fails in strict/enforcing .......
Russell Coker
russell at coker.com.au
Sat Jul 17 01:39:43 UTC 2004
> To fix, I'd suggest adding getattr to any allow rule where read
> permission is granted in bootloader.te, or replacing uses of "read" with
> the r_file_perms macro.
The attached patch is needed to make it complete. However this is something
we may want to reconsider, currently we don't include policy in the initrd so
bootloader_t has no need to read it.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff
Type: text/x-diff
Size: 509 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20040717/e52b0b4c/attachment.bin
More information about the selinux
mailing list