Description of problem: System froze twice when I changed the selinux policy to strict. I could access anything to fix it, I had to rebuild my system twice. Version-Release number of selected component (if applicable): selininx-policy-strict 2.2.23-15 How reproducible: Happened twice using the kernel 2.6.17-1.2187_FC5smp, and the other optional kernel-similar to the above kernel. Steps to Reproduce: 1.installed selinux strict policy using kyum first time, and konsole the second time 2.Changed policy to strict in selinux 3.Rebooted-system froze twice!!! Actual results:System froze had to rebuild system twice. It couldn't kill init! Expected results: selinux to work in a stricter/safer way. Additional info: here is the info the computer gave me: /sbin/init: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Permission denied kernel panic-not syncing: Attempting to kill init!
In order to switch to strict policy, you need to follow the following steps install selinux-policy-strict change /etc/selinux/config to strict policy touch /.autorelabel reboot in permissive mode, so the relabeling will success reboot in enforcing mode. Good luck.