[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

bits about SE Linux

Brian May has taken over woody back-ports of SE Linux code, this is good as I 
can concentrate on Sarge now.

Brian has an apt repository for SE Linux packages on woody:
deb http://www.microcomaustralia.com.au/debian/ stable selinux

My repository for SE Linux packages on unstable is:
deb http://www.coker.com.au/selinux/ ./

The reason I have a separate repository is that I am producing SE patched 
versions of dpkg, login, cron, ssh, logrotate, and coreutils which I can't 
upload to unstable.  The main packages selinux, selinux-policy, and 
kernel-patch-2.?-lsm are in unstable.

I'll probably be personally running 5 SE Linux server machines in live 
production environments in 4 sites in two countries by the end of the week.

The tutorial at Linux Kongress didn't go as well as I had hoped, but the 
audience seemed reasonably happy anyway.  At that session I found a number of 
bugs which are now fixed (including one security bug), so the testing did a 
lot of good.  I am thinking about where to hold the next tutorial or training 
session on SE Debian.  I wonder if there's demand for commercial training 
sessions yet...

For those of you who were silly enough to believe the FUD, one of the NSA 
employees on the SE Linux project worked until after 11PM last night 
(according to date stamps and time zone info in his email headers) merging 
some policy patches from me and other people into his CVS tree.  If the NSA 
was going to drop support for SE Linux then I'm sure he'd have found 
something more exciting to do on a Friday night than merge patches into 

There is no point PGP/GPG signing an email unless the signature can be
verified.  If you post to a list then don't sign the message unless your
key is available on public key servers and has been signed by someone
who is in the web of trust, otherwise you just waste bandwidth and CPU.

Reply to: