Re: coreutils with selinux support
On Wed, 23 Jul 2003 17:58, Brian May wrote:
> In answer to your question in the bug report, currently SE-Linux users
> install a patched coreutils (as well as shadow (login), cron, ssh,
> devfsd, logrotate, fcron, stat, procps, and psmisc) from Russell's
devfsd is not modified. The conflicts for devfsd is because the sample
configuration files for the old version of devfsd messed up SE Linux
permissions on terminal devices.
The other packages listed above are all modified by necessity.
> archive (unstable) or my archive (stable). A modified version of dpkg
> is also required, it runs a script after dpkg installs a package that
> updates the file labels for the new files in the package.
Eventually dpkg will have enough functionality that the standard dpkg will do
all that I require. It may be some time though.
> Also I don't think SE-Linux will compile under *all* architectures yet
> which is also a big problem.
The current version of SE Linux compiles under UML, i386, and ARM. It could
be easily ported to M68k and any other architecture that does not support
multiple word sizes (SPARC and PPC are problemmatic for this).
The next version (which is going to be in 2.6.0) will not have any special
system calls and will use /proc for such things. Therefore it should compile
on all platforms without effort. At that time we can work more seriously on
getting SE Linux into main.
The next version may be back-ported to 2.4.x. Hopefully that will happen and
then I can get all of this (apart from the modified dpkg) into main before
the next release.
For those of you at OLS, Stephen Smalley's BOF will cover these issues (on the
kernel side - I will give a little talk about the Debian issues if there is
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page