Hello, a new kickstart RPM - with this version, polyinstantiation should work again in enforcing mode, and some other issues have been fixed. Thanks to Linda and George for their contributions!
IMPORTANT: this REQUIRES post-beta-snapshot updated packages, the ks script will instruct you in the postinstall section about the details. I used the following for i386: http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/os/Fedora/RPMS/selinux-policy-2.4.6-9.fc7.noarch.rpm http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/os/Fedora/RPMS/selinux-policy-devel-2.4.6-9.fc7.noarch.rpm http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/os/Fedora/RPMS/selinux-policy-mls-2.4.6-9.fc7.noarch.rpm http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/os/Fedora/RPMS/selinux-policy-strict-2.4.6-9.fc7.noarch.rpm http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/os/Fedora/RPMS/selinux-policy-targeted-2.4.6-9.fc7.noarch.rpm http://people.redhat.com/sgrubb/files/lspp/kernel-2.6.18-1.2840.2.1.el5.lspp.57.i686.rpm http://people.redhat.com/sgrubb/files/lspp/kernel-devel-2.6.18-1.2840.2.1.el5.lspp.57.i686.rpm http://people.redhat.com/dwalsh/SELinux/RHEL5/i386/pam-0.99.6.2-3.6.el5.i386.rpm http://people.redhat.com/dwalsh/SELinux/RHEL5/i386/pam-devel-0.99.6.2-3.6.el5.i386.rpm Known issues: - generates a broken grub config (need to change root from (hd1,0) to (hd0,0) when booting). - RPM segfaults and/or corrupts the database when installing RPMs in the postinstall. Try again if that happens. Changes: Polyinstantiation fixups (these only work with new dwalsh PAM package) Add glibc-devel.ppc which wasn't being installed Disable custom policy other than the audit additions Use "load_policy -b"; print instructions for needed extra packages add /etc/mtab workaround; remove obsolete commented-out FIXME code (this fixes the initial boot in enforcing mode, fixfiles wasn't running) RPM download: http://klaus.vh.swiftco.net/lspp/SRPMS/ http://klaus.vh.swiftco.net/lspp/RPMS/noarch/ Git repository: http://klaus.vh.swiftco.net/lspp/git/ -Klaus -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
