* [gentoo-dev] heads up for selinux
@ 2003-08-16 4:37 Chris PeBenito
2003-08-16 18:27 ` James H. Cloos Jr.
0 siblings, 1 reply; 3+ messages in thread
From: Chris PeBenito @ 2003-08-16 4:37 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1232 bytes --]
For those that don't know, SELinux was merged into 2.6.0-test3, which is
cool for SELinux users. However, it has a new API (which is also
backported to 2.4). Because of the new API, we will be changing a bunch
of the packages to use a new SELinux patch. We probably won't be doing
this for another week or two, as we need to iron out the upgrade path,
and get a doc for the upgrade. Let me know if you have any concerns.
Packages that will no longer have a SELinux patch:
dev-util/strace
sys-apps/stat (does anyone even use this?)
sys-apps/tar
Packages that will be adding or changing a SELinux patch:
app-admin/logrotate
net-misc/openssh
sys-apps/coreutils
sys-apps/findutils
sys-apps/procps
sys-apps/psmisc
sys-apps/util-linux
sys-apps/pam-login
sys-apps/vcron
sys-libs/pam
sys-libs/pwdb
Basically this will be in the DEPEND:
selinux? ( sys-libs/libselinux )
And something like this in the src_unpack:
use selinux && epatch ${FILESDIR}/${P}-selinux.diff
--
Chris PeBenito
<pebenito@gentoo.org>
Developer, SELinux
Hardened Gentoo Linux
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [gentoo-dev] heads up for selinux
2003-08-16 4:37 [gentoo-dev] heads up for selinux Chris PeBenito
@ 2003-08-16 18:27 ` James H. Cloos Jr.
2003-08-16 19:02 ` Chris PeBenito
0 siblings, 1 reply; 3+ messages in thread
From: James H. Cloos Jr. @ 2003-08-16 18:27 UTC (permalink / raw
To: Chris PeBenito; +Cc: gentoo-dev
|> sys-apps/stat (does anyone even use this?)
Just for reference, stat(1) can be a very useful app when tracking
down why things are not working as expected.
|> ... as we need to iron out the upgrade path, ...
Is there a good upgrade path from USE=-selinux to USE=selinux?
I've been compiling my kernels w/ it (for now with
CONFIG_SECURITY_SELINUX_DEVELOP=y) but have not started
working on the user side of it.
I've been waiting for a useable general purpose box w/ fine grained
capabilities¹ ever since the capability bits were added to the kernel.
(I cannot even remember how many years that is now. :)
-JimC
¹ Yes, I know there are not capabilities, but the grammer didn't look
right using 'capability bits'. :-/
--
gentoo-dev@gentoo.org mailing list
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-08-16 19:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-08-16 4:37 [gentoo-dev] heads up for selinux Chris PeBenito
2003-08-16 18:27 ` James H. Cloos Jr.
2003-08-16 19:02 ` Chris PeBenito
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox