[refpolicy] Building MLS/MCS policy
sds at tycho.nsa.gov
Tue Jan 26 07:41:44 CST 2010
On Tue, 2010-01-26 at 08:40 -0500, Stephen Smalley wrote:
> On Mon, 2010-01-25 at 23:34 +0100, Guido Trentalancia wrote:
> > Hold on actually...
> > It rebooted with the same standard policy and not with the MCS policy.
> > Hmmm... This problem is persisting ! What should I do ?
> Yes, that makes sense - when libsemanage couldn't load the MCS policy,
> it rolled back to the previous one.
> What you need to do is to install the MCS policy to a different policy
> store (change NAME= in build.conf), then change your /etc/selinux/config
> to point to that store, then reboot.
Actually, there may be an easier way: you should be able to pass the -n
option to semodule when installing the MCS policy, and then it won't try
to load it. That should allow it to succeed, at which point you can
National Security Agency
More information about the refpolicy