On Wed 5 May 20:07:23 2010, Petter Reinholdtsen wrote:
[Martin Orr]
With sysvinit 2.88dsf-2 there are no such messages and policy is
never loaded.
Hm, that is nasty. Any idea what is wrong with the relevant code in
src/init.d? The current one look like this:
The differences between the old and new code are:
- the sense of the is_selinux_enabled() test is reversed
- /proc is mounted, but I think that this is irrelevant in my case
because /proc should be already mounted by the initrd.
Presumably the thinking here is that is_selinux_enabled() should return
1 on a system configured to use SELinux, 0 otherwise, and that the test
was previously broken because of not mounting /proc. However
is_selinux_enabled() only returns 1 after a policy has been loaded, so
it is of no use to init in trying to find out whether it should load an
initial policy.
I do not know the selinux stuff myself, so I need help from someone
who can test fixes. :)
I am happy to test things. I shall ask on the SELinux list and with
init upstream what init should be happening here.
Best wishes,
Martin Orr
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
