Ownership of the Local SE Linux PolicyOwnership of the Local SE Linux Policy
A large part of the disagreement about the way to manage the policy seems to be based on who will be the primary “owner” of the policy on the machine.[...]
Tag: Selinux
SE Linux Policy Packaging for a DistributionSE Linux Policy Packaging for a Distribution
Caleb Case (Ubuntu contributer and Tresys employee) has written about the benefits of using separate packages for SE Linux policy modules [1]. Firstly I think it’s useful to consider some[...]
Lenny SE Linux on the DesktopLenny SE Linux on the Desktop
I have been asked about the current status of Lenny SE Linux on the Desktop. The first thing to consider is the combinations of policies and configurations. I will number[...]
Upgrading SE Linux PolicyUpgrading SE Linux Policy
When I first packaged the SE Linux policy for Debian the only way to adjust the policy was to edit the source files and recompile. Often changes that you might[...]
Postfix and chrootPostfix and chroot
I have written a script named postfix-nochroot to disable the chroot functionality of Postfix. I plan to initially include this in the selinux-basics package in Debian, but if the script[...]
selinux-activateselinux-activate
I have written a script for Debian named selinux-activate which is included in selinux-basics version 0.3.3+nmu1 (which I have uploaded to Debian/Unstable). The script when run with no parameters will[...]
Installing SE Linux on LennyInstalling SE Linux on Lenny
Currently Debian/Lenny contains all packages needed to run SE Linux apart from the policy. The policy package is missing because it needs to sit in unstable for a while before[...]
SE Linux in Lenny StatusSE Linux in Lenny Status
SE Linux is almost ready to use in Lenny. Currently I am waiting on the packages libsepol1 version 2.0.30-2, policycoreutils 2.0.49-3, and selinux-policy-default version 0.0.20080702-4 to make their way to[...]
SE Linux Policy LoadingSE Linux Policy Loading
One of the most significant tasks performed by a SE Linux system is loading the “policy“. The policy is the set of rules which determine what actions are permitted by[...]
New SE Linux Policy for LennyNew SE Linux Policy for Lenny
I have just uploaded new SE Linux policy packages for Debian/Unstable which will go into Lenny (provided that the FTP masters approve the new packages in time). The big change[...]