[Pkg-sysvinit-devel] Bug#330592: init segfault when /selinux exists
but a policy can't be loaded
David Härdeman
david at hardeman.nu
Thu Nov 2 10:05:40 CET 2006
On Wed, November 1, 2006 23:08, James Westby said:
> It seems clear that the actions I described do not trigger a segfault
> like the original report, however it is not clear to me that these
> actions are the ones from the original report.
>
> Ernest has stated that he did not have a policy installed, which I find
> very odd, as I believe SELinux will not try and load a policy if one has
> not been installed.
>From reading the source (of version -20), init will try to load a policy
provided that:
1) /selinux is available; and
2) selinuxfs can be successfully mounted on /selinux
The kernel command line options doesn't seem to matter for whether the
policies are loaded or not.
> Thinking about it now it is conceivable that the bug was fixed by a
> change in a different package, either:
>
> * The kernel no longer tries to initialise SELinux by default (I doubt
> it ever did though).
>
> * SELinux used to try and load a policy even if one has not been
> configured/installed.
* One of the libraries that init depends on had a bug which has been
fixed
--
David Härdeman
More information about the Pkg-sysvinit-devel
mailing list