[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: getting started with SELinux



On Sat, 29 Nov 2003 11:46, Forrest L Norvell <ogd@aoaioxxysz.net> wrote:
> > > un  libselinux-dev        <none>                (no description
> > > available) ii  libselinux1           1.2-1.1               SELinux
> > > shared libraries un  libselinux1-dev       <none>                (no
> > > description available) un  old-selinux-policy    <none>               
> > > (no description available) ii  selinux               2003081307-8      
> > >    Management utilities for
> >
> > "selinux" should be removed, it is for the old SE Linux.  It should have
> > been automatically removed because of conflicting with the new packages.
>
> I removed selinux and updated to the new version of coreutils (which
> is necessary even though I'm running a 2.4.x kernel -- is this

The new coreutils is not strictly necessary, I try to set the dependencies to 
drag in the modified coreutils so that "ls" etc can do what you want.  There 
is a bug in my coreutils package in that "cp" copies the security.selinux 
xattr even if you don't ask it to, this currently breaks Debian package 
building in enforcing mode (I'll fix it soon).

> weird?), which fixed my policy problems, and now I have a policy
> installed and loaded. Now I have a question about devfs: I use devfs +
> devfsd, but I don't have devfs-se.so, nor do I know where to find

Devfs is not supported by the new SE Linux (which you are using).  Devfs is on 
the way out, so the NSA people do not consider it to be worth their effort to 
support it.  If someone contributes kernel code patches to make it work 
properly then such patches will probably be accepted.  But if that doesn't 
happen then devfs won't be supported.

I have been using and supporting devfs for years, but this compelled me to 
start removing devfs from my systems.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



Reply to: