* mkinitrd setup script problem
@ 2003-11-26 23:15 Dale Amon
2003-11-27 3:07 ` Russell Coker
0 siblings, 1 reply; 2+ messages in thread
From: Dale Amon @ 2003-11-26 23:15 UTC (permalink / raw)
To: Russell Coker; +Cc: Dale Amon, SE Linux
I seem to be having a little problem:
edbe policycoreutils/policycoreutils_1.2-0.2_i386.deb *
Installs
/sbin/load_policy
and a link
/usr/sbin/load_policy -> /sbin/load_policy
edbe selinux-policy-default_1.2.real-10_all.deb
Installs
/etc/mkinitrd/scripts/selinux
which contains the line:
cp -a /usr/sbin/load_policy "$INITRDDIR/bin/load_policy
When you do mkinitrd, you end up with
/initrd/bin/load_policy linked to /initrd/sbin/load_policy
but there is no /initrd/sbin/load_policy.
Did this just happen in the last day or two???
--
------------------------------------------------------
Dale Amon amon@islandone.org +44-7802-188325
International linux systems consultancy
Hardware & software system design, security
and networking, systems programming and Admin
"Have Laptop, Will Travel"
------------------------------------------------------
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: mkinitrd setup script problem
2003-11-26 23:15 mkinitrd setup script problem Dale Amon
@ 2003-11-27 3:07 ` Russell Coker
0 siblings, 0 replies; 2+ messages in thread
From: Russell Coker @ 2003-11-27 3:07 UTC (permalink / raw)
To: Dale Amon; +Cc: SE Linux
On Thu, 27 Nov 2003 10:15, Dale Amon <amon@vnl.com> wrote:
> Installs
> /sbin/load_policy
> and a link
> /usr/sbin/load_policy -> /sbin/load_policy
This is because /sbin/init executes load_policy in the current Debian package.
When I update it to match Dan's new code this won't matter, but until then
load_policy needs to be on the root fs. For the long term I think that
load_policy should be on the root fs to allow the most possible configuration
options for users.
> Installs
> /etc/mkinitrd/scripts/selinux
> which contains the line:
> cp -a /usr/sbin/load_policy "$INITRDDIR/bin/load_policy
The next version of my policy package will fix this. I haven't tested this
for a while as I don't use initrd any more.
When compiling a kernel for your own use an initrd usually does not offer much
(except for unusual situations such as nfs-root - which often don't work with
SE Linux). I have had some problems with the Debian mkinitrd script recently
and decided not to use it for any of my machines.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-11-27 3:07 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-11-26 23:15 mkinitrd setup script problem Dale Amon
2003-11-27 3:07 ` Russell Coker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.