Bug 431111 - initramfs needs to be able to load SELinux policy
initramfs needs to be able to load SELinux policy
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: mkinitrd (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Peter Jones
Fedora Extras Quality Assurance
:
Depends On:
Blocks: upstart 431115
  Show dependency treegraph
 
Reported: 2008-01-31 15:16 EST by Bill Nottingham
Modified: 2014-03-16 23:12 EDT (History)
4 users (show)

See Also:
Fixed In Version: 6.0.30-1.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-25 16:00:41 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch! (2.39 KB, patch)
2008-01-31 15:16 EST, Bill Nottingham
no flags Details | Diff

  None (edit)
Description Bill Nottingham 2008-01-31 15:16:37 EST
Description of problem:

Patch attached, as discussed on SELinux lists.

Version-Release number of selected component (if applicable):

mkinitrd-6.0.28-3.fc9.x86_64
Comment 1 Bill Nottingham 2008-01-31 15:16:37 EST
Created attachment 293643 [details]
Patch!
Comment 2 Jeremy Katz 2008-01-31 15:55:18 EST
With this patch, if you change your selinux settings, you also have to rebuild
your initrd.  Which is kind of crappy
Comment 3 Bill Nottingham 2008-01-31 16:00:43 EST
It reads the config from the root fs, not the initrd.
Comment 4 Jeremy Katz 2008-02-01 11:34:07 EST
It reads the config from the rootfs when we build the initrd.  Sourcing the file
from the script running in nash is going to be ugly, though.  And another
built-in is just piling on more hacks.  Must. bash-ify. initrd.
Comment 5 Bill Nottingham 2008-02-01 11:37:43 EST
Well, you can just always add 'load_policy'  instead; it won't do anything if
it's not configured at the time it boots.
Comment 6 Bill Nottingham 2008-02-25 16:00:41 EST
This should be fixed in 6.0.30-1.

Note You need to log in before you can comment on or make changes to this bug.