policy version jumped to 18

policy version jumped to 18

[Luke Kenneth Casson Leighton]

arg, wot a pain.

i am doing an install on another machine, just for fun
(and prior to doing an upgrade on another).

this is with my lovely 2.6.6-selinux1 kernel.

policy version being reported by the kernel i am using is 17.

checkpolicy is being a pain and reporting that it does version 18.

therefore, a make install does this:

creates a policy.conf file, and creates a .17 file (somewhere) because
that's what the kernel supports.

checkpolicy is then used to find what to check, which says "i do version 18".

consequently, i don't get anywhere.

hack-time...

-- 
-- 
Information I post is with honesty, integrity, and the expectation that
you will take full responsibility if acting on the information contained,
and that, should you find it to be flawed or even mildly useful, you
will act with both honesty and integrity in return - and tell me.
--
<a href="http://lkcl.net">      lkcl.net      </a> <br />
<a href="mailto:lkcl@lkcl.net"> lkcl@lkcl.net </a> <br />


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: policy version jumped to 18

[Luke Kenneth Casson Leighton]

On Sat, Jul 31, 2004 at 01:06:34PM +0100, Luke Kenneth Casson Leighton wrote:

> arg, wot a pain.
> 
> i am doing an install on another machine, just for fun
> (and prior to doing an upgrade on another).
> 
> this is with my lovely 2.6.6-selinux1 kernel.
> 
> policy version being reported by the kernel i am using is 17.
> 
> checkpolicy is being a pain and reporting that it does version 18.
> 
> therefore, a make install does this:
> 
> creates a policy.conf file, and creates a .17 file (somewhere) because
> that's what the kernel supports.
> 
> checkpolicy is then used to find what to check, which says "i do version 18".
> 
> consequently, i don't get anywhere.
> 
> hack-time...

 nope, didn't work.  boot-up of the 2.6.6 kernel went "eek, i
 only support versions 15-17".

 oh well.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: policy version jumped to 18

[Erich Schubert]

Hi Luke,
when you use policy utilities and policy files for version 18 you
probably should upgrade your kernel to support verison 18, too.
I had the same problem; i hacked the makefile so the tools explicitely
generate a version 17 policy, but the better way to get the kernel patch
from the selinux homepage and just build a kernel with version 18.

Greetings,
Erich


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: policy version jumped to 18

[Luke Kenneth Casson Leighton]

On Sat, Jul 31, 2004 at 06:11:29PM +0200, Erich Schubert wrote:
> Hi Luke,
> when you use policy utilities and policy files for version 18 you
> probably should upgrade your kernel to support verison 18, too.
 
 ha :)

> I had the same problem; i hacked the makefile so the tools explicitely
> generate a version 17 policy, but the better way to get the kernel patch
> from the selinux homepage and just build a kernel with version 18.

 well, i grabbed the source code from sf.net instead, along with
 apt-get source kernel-image-2.6.7-k7, copied /usr/src/k..../config/k7
 and enabled the selinux stuff.

 so far so bad... :)

 l.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: policy version jumped to 18

[Stephen Smalley]

On Sat, 2004-07-31 at 08:06, Luke Kenneth Casson Leighton wrote:
> policy version being reported by the kernel i am using is 17.
> 
> checkpolicy is being a pain and reporting that it does version 18.
> 
> therefore, a make install does this:
> 
> creates a policy.conf file, and creates a .17 file (somewhere) because
> that's what the kernel supports.
> 
> checkpolicy is then used to find what to check, which says "i do version 18".
> 
> consequently, i don't get anywhere.

checkpolicy -c n will generate policy version n (-c for compatibility).

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.