Comments on: SE Linux Policy Packaging for a Distribution http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/ Linux, politics, and other interesting things Thu, 09 Feb 2012 01:09:24 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Ownership of the Local SE Linux Policy | etbe - Russell Coker http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15380 Ownership of the Local SE Linux Policy | etbe - Russell Coker Tue, 19 Aug 2008 12:16:47 +0000 http://etbe.coker.com.au/?p=712#comment-15380 [...] Comments etbe on SE Linux Policy Packaging for a DistributionMatthew W. S. Bell on SE Linux Policy Packaging for a DistributionScott Kitterman on SE Linux Policy [...] [...] Comments etbe on SE Linux Policy Packaging for a DistributionMatthew W. S. Bell on SE Linux Policy Packaging for a DistributionScott Kitterman on SE Linux Policy [...]

]]> By: etbe http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15379 etbe Tue, 19 Aug 2008 10:44:19 +0000 http://etbe.coker.com.au/?p=712#comment-15379 Matthew: I'm not sure if you are saying that my suggestion for working around the problem was bad or Michael's request for having it work on such a machine was a bad idea. http://doc.coker.com.au/papers/porting-se-linux-hand-held-devices/ For reference in the past I've got SE Linux working on a machine with 64M of storage (see the above URL). I did this by building the policy on another machine and copying the image to the target machine. I think that is the best way to deal with really small machines. The issue is what areas I can spend time working on. I can't fix all bugs or tune the system for the desires of all users. Incidentally I run a bunch of Xen virtual machines with small amounts of storage. The machine which hosts my blog has 3G of disk space assigned to it of which 1.4G is free. A router would need significantly less storage space (unless you want to have a Squid cache on the CF). Matthew: I’m not sure if you are saying that my suggestion for working around the problem was bad or Michael’s request for having it work on such a machine was a bad idea.

http://doc.coker.com.au/papers/porting-se-linux-hand-held-devices/

For reference in the past I’ve got SE Linux working on a machine with 64M of storage (see the above URL). I did this by building the policy on another machine and copying the image to the target machine. I think that is the best way to deal with really small machines.

The issue is what areas I can spend time working on. I can’t fix all bugs or tune the system for the desires of all users.

Incidentally I run a bunch of Xen virtual machines with small amounts of storage. The machine which hosts my blog has 3G of disk space assigned to it of which 1.4G is free. A router would need significantly less storage space (unless you want to have a Squid cache on the CF).

]]> By: Matthew W. S. Bell http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15375 Matthew W. S. Bell Tue, 19 Aug 2008 02:02:54 +0000 http://etbe.coker.com.au/?p=712#comment-15375 @etbe: WRT embedded systems: that's a really stupid argument, isn't it? (So bad I thought about adding an expletive.) Yes, you could run a whole load of custom scripts to set up a common environment, but that would completely obliterate the point of a having distribution. Muppet. @etbe: WRT embedded systems: that’s a really stupid argument, isn’t it? (So bad I thought about adding an expletive.) Yes, you could run a whole load of custom scripts to set up a common environment, but that would completely obliterate the point of a having distribution. Muppet.

]]> By: Scott Kitterman http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15374 Scott Kitterman Tue, 19 Aug 2008 01:05:12 +0000 http://etbe.coker.com.au/?p=712#comment-15374 I think that's not an unreasonable characterization. I think that’s not an unreasonable characterization.

]]> By: etbe http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15373 etbe Mon, 18 Aug 2008 23:20:10 +0000 http://etbe.coker.com.au/?p=712#comment-15373 Caleb: The postinst in the Debian packages does this. Look for the population of %map at about line 65. Also I disagree with your claim about security and will cover it in my next post. Anon: That would never work, I'll cover it in my next post. Scott: I've updated the post to describe Caleb as a contributer. Is that correct? Caleb: The postinst in the Debian packages does this. Look for the population of %map at about line 65.

Also I disagree with your claim about security and will cover it in my next post.

Anon: That would never work, I’ll cover it in my next post.

Scott: I’ve updated the post to describe Caleb as a contributer. Is that correct?

]]> By: Scott Kitterman http://etbe.coker.com.au/2008/08/18/se-linux-policy-packaging-distribution/comment-page-1/#comment-15371 Scott Kitterman Mon, 18 Aug 2008 15:44:14 +0000 http://etbe.coker.com.au/?p=712#comment-15371 Caleb Case is not an Ubuntu developer. He did some SE Linux package work that was sponsored into Ubuntu during a period with SE Linux in Debian was dormant, but since then we've rebased everything on Debian's packages. Caleb Case is not an Ubuntu developer. He did some SE Linux package work that was sponsored into Ubuntu during a period with SE Linux in Debian was dormant, but since then we’ve rebased everything on Debian’s packages.

]]>