From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QkICk-0000nc-Pp for garchives@archives.gentoo.org; Fri, 22 Jul 2011 16:03:58 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0A29121C0F5; Fri, 22 Jul 2011 16:03:48 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id C9B2121C0F5 for ; Fri, 22 Jul 2011 16:03:48 +0000 (UTC) Received: from pelican.gentoo.org (unknown [66.219.59.40]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 561491BC015 for ; Fri, 22 Jul 2011 16:03:48 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by pelican.gentoo.org (Postfix) with ESMTP id 7465D8003D for ; Fri, 22 Jul 2011 16:03:47 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <210e1a5d6a2449cf779802f976fd2c5acde3c8ed.SwifT@gentoo> Subject: [gentoo-commits] proj/hardened-docs:master commit in: xml/selinux/ X-VCS-Repository: proj/hardened-docs X-VCS-Files: xml/selinux/hb-using-install.xml X-VCS-Directories: xml/selinux/ X-VCS-Committer: SwifT X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: 210e1a5d6a2449cf779802f976fd2c5acde3c8ed Date: Fri, 22 Jul 2011 16:03:47 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: eed03f261cf5f84e8ae6b57e16f6837c commit: 210e1a5d6a2449cf779802f976fd2c5acde3c8ed Author: Sven Vermeulen siphos be> AuthorDate: Fri Jul 22 16:03:32 2011 +0000 Commit: Sven Vermeulen siphos be> CommitDate: Fri Jul 22 16:03:32 2011 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-docs= .git;a=3Dcommit;h=3D210e1a5d Add reference to bug 373381 for the time being --- xml/selinux/hb-using-install.xml | 15 +++++++++++---- 1 files changed, 11 insertions(+), 4 deletions(-) diff --git a/xml/selinux/hb-using-install.xml b/xml/selinux/hb-using-inst= all.xml index 6d493e1..d620b05 100644 --- a/xml/selinux/hb-using-install.xml +++ b/xml/selinux/hb-using-install.xml @@ -7,8 +7,8 @@ =20 -11 -2011-07-21 +12 +2011-07-22 =20
Installing Gentoo Hardened @@ -393,13 +393,20 @@ Build and install the new Linux kernel and its modu= les. =20

-Next, edit /etc/fstab and add the following line: +Next, edit /etc/fstab and add the following two lines:

=20 -
+
+# The udev mount is due to bug #373381
+udev   /dev        tmpfs        rw,rootcontext=3Dsystem_u:object_r:devic=
e_t,seclabel,nosuid,relatime,size=3D10m,mode=3D755  0 0
 none   /selinux    selinuxfs    defaults    0 0
 

=20
+
+In case of an MLS/MCS policy, you need to have the context with sensitiv=
ity
+level, so ...:device_t:s0.
+
+
 

 Make the /selinux mountpoint as well: