[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SE Linux in Etch



On Sun, Oct 15, 2006 at 12:56:50AM -0500, Manoj Srivastava wrote:
>         As per Bug#390760We are at a point where we can support a
>  targeted SELinux policy, at least in permissive mode, I suggest that
>  we ship SELinux installed, but turned off by default; and a README or
>  a short shell script fr the local administrator to enable
>  SELinux. Our support at this point is better in some respects to any
>  other distribution (selecting and installing modular policy modules,
>  for instance). All the core packages support SELinux (unlike in, say,
>  Ubuntu).

>         We can do this by adding selinux-policy-refpolicy-targeted,
>  and the dependencies, to the installer.

>         With the help of
>   apt-rdepends --dotty selinux-policy-refpolicy-targeted
>  I have managed to determine that the packages not already included in
>  Priority Standard are:
> ,----[ Additional packages required ]
> | Package: selinux-policy-refpolicy-targeted
> | Size: 1232692
> | Installed-Size: 16712
> |
> | Package: policycoreutils
> | Size: 348324
> | Installed-Size: 3304
> |
> | Package: libsemanage1-dev
> | Size: 333718
> | Installed-Size: 2076
> |
> | Package: libsemanage1
> | Size: 70910
> | Installed-Size: 296
> |
> | Package: python-semanage
> | Size: 115336
> | Installed-Size: 648
> |
> | Package: python-selinux
> | Size: 61788
> | Installed-Size: 308
> |
> | Package: python-support
> | Size: 22934
> | Installed-Size: 104
> `----

>         The size of the .debs for targeted policy is 2185702
>  Bytes. This has been discussed on the debian-installer list, as well
>  as in the bug log, and the decision was to make these 7 packages
>  standard, if possible.

>         Could the override file be changed, please?

I've given the ok to aj on IRC, but just to confirm here, the RMs are ok
with having these overrides changed for etch.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/



Reply to: