I have installed Fedora Core 4 on my machine with selinux enabled and have followed the instructions to enable MLS. Both are working.
I have compiled a 2.6.13 kernel from kernel.org with selinux enabled in my kernel. However, I am unable to boot into my 2.6.13 kernel. When I disable selinux (selinux=0) or set (enforcing=0) my kernel boots up ok. When I boot into my 2.6.13 kernel with selinux enabled, the boot hangs after the SELinux initializations and at the point I believe udev is suppose to get started.
When I tried booting into my 2.6.13 kernel with "enforcing=0 single" and did a restorecon /etc/mtab, then did a setenforce 1 to switch to enforcing mode and exited the single user shell to come up in multi-user mode, it worked. I am sure I am stepping around something. :-) (These steps are similar to those in README.mls instructions.) I did get a bunch of the following messages from "dmesg" though:
audit(1126300655.450:2839259): avc: denied { search } for pid=2199 comm="klogd" name="/" dev=tmpfs ino=1168 scontext=system_u:system_r:klogd_t:s0-s9:c0.c127 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir
I do not understand but am very curious to know why I cannot boot straight into my 2.6.13 kernel? Does 2.6.13 introduce some changes?
A colleague experienced similar problem. Has anyone else experienced this problem or can explain to me what is happening?
Thanks!
Joy Latten