Re: [RFC] Changing priority of selinux back to optional

[Erich Schubert <erich@debian.org>]

Hi everyone,
There is no real "SELinux team" anymore that could say yes or no to
anything I figure. The SELinux people at Debian were mostly Manoj, RJC
and myself. I havn't heard anything from Manoj in months, I'm not able
to do any actual SELinux work anymore and while RJC updated his SELinux
Demo machine (http://www.coker.com.au/selinux/play.html) at some point,
I havn't heard any plans from hin to 'revive' SELinux in Debian, but he
is actively advocating SELinux and actively blogging:
  http://etbe.coker.com.au/tag/selinux/
and he has some somewhat-updated packages in his repository:
  http://www.coker.com.au/dists/etch/selinux
Make sure to talk to him, but other than that I'd suggest you just
hijack/NMU the relevant packages.

There is an updated policy package I did early this year at
 http://selinux.alioth.debian.org/experimental/refpolicy/
which is after the strict/targeted merge. It's also using my own
packaging, it's not based on Manojs work. He reproduced some of the
things I did in Perl, while I'm still using my python+sh code, which in
my opinion is superior in some cases I believe (I never tried his
packages!). I don't know if his module auto installation still loads one
module after the other, or if it's done in one pass like I do. I also
introduced some module guessing and upgrading (!) code I don't know if
he has yet adopted, so make sure to investigate both packages.

Make sure to also investigate the new Ubuntu efforts that Reinhard
pointed out. It would be best to join efforts here. Caleb Case is using
a tresys email address, that is where refpolicy upstream lives.

best regards,
Erich Schubert
-- 
     erich@(vitavonni.de|debian.org)    --    GPG Key ID: 4B3A135C     (o_
 A man doesn't know what he knows until he knows what he doesn't know. //\
              Es lohnt sich nicht, die Augen aufzumachen,              V_/_
                     wenn der Kopf im Sand steckt.