public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-hardened] Stabilizing the new selinux profiles
@ 2011-08-21 11:10 Anthony G. Basile
  2011-08-21 12:03 ` Mike Edenfield
  0 siblings, 1 reply; 4+ messages in thread
From: Anthony G. Basile @ 2011-08-21 11:10 UTC (permalink / raw
  To: gentoo-hardened

Hi everyone,

Back in May, I added new feature/selinux profiles which we would like to
stabilize soon.  These were structured to parallel the
selinux/v2refpolicy profiles but with the idea that they could be added
as a feature to any existing profile.

There are no open bugs out against them, so we are clear to stabilize,
but I would like feedback from the community about their use, especially
since the next step might be to deprecate the older profiles.  (Don't
panic!  It would not happen anytime soon if at all.  And you would get
ample warnings.)

Either we haven't hit any bugs with the new profiles because of low
usage or because there just aren't any, so community feedback about
their use and usefulness would be appreciated.


Ref.

[1] https://bugs.gentoo.org/show_bug.cgi?id=365483

-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [gentoo-hardened] Stabilizing the new selinux profiles
  2011-08-21 11:10 [gentoo-hardened] Stabilizing the new selinux profiles Anthony G. Basile
@ 2011-08-21 12:03 ` Mike Edenfield
  2011-08-21 20:03   ` Matt Thode
  0 siblings, 1 reply; 4+ messages in thread
From: Mike Edenfield @ 2011-08-21 12:03 UTC (permalink / raw
  To: gentoo-hardened; +Cc: Anthony G. Basile

On 8/21/2011 7:10 AM, Anthony G. Basile wrote:
> Hi everyone,
>
> Back in May, I added new feature/selinux profiles which we would like to
> stabilize soon.  These were structured to parallel the
> selinux/v2refpolicy profiles but with the idea that they could be added
> as a feature to any existing profile.
>
> There are no open bugs out against them, so we are clear to stabilize,
> but I would like feedback from the community about their use, especially
> since the next step might be to deprecate the older profiles.  (Don't
> panic!  It would not happen anytime soon if at all.  And you would get
> ample warnings.)
>
> Either we haven't hit any bugs with the new profiles because of low
> usage or because there just aren't any, so community feedback about
> their use and usefulness would be appreciated.

I'm using them on all of my SELinux systems now and haven't 
noticed any issues with them, and I have at least one of 
each (x86, amd64, and amd64-multilib).

--Mike



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [gentoo-hardened] Stabilizing the new selinux profiles
  2011-08-21 12:03 ` Mike Edenfield
@ 2011-08-21 20:03   ` Matt Thode
  2011-08-21 21:01     ` Anthony G. Basile
  0 siblings, 1 reply; 4+ messages in thread
From: Matt Thode @ 2011-08-21 20:03 UTC (permalink / raw
  To: gentoo-hardened; +Cc: Anthony G. Basile

[-- Attachment #1: Type: text/plain, Size: 1169 bytes --]


On Aug 21, 2011, at 7:03 AM, Mike Edenfield wrote:

> On 8/21/2011 7:10 AM, Anthony G. Basile wrote:
>> Hi everyone,
>> 
>> Back in May, I added new feature/selinux profiles which we would like to
>> stabilize soon.  These were structured to parallel the
>> selinux/v2refpolicy profiles but with the idea that they could be added
>> as a feature to any existing profile.
>> 
>> There are no open bugs out against them, so we are clear to stabilize,
>> but I would like feedback from the community about their use, especially
>> since the next step might be to deprecate the older profiles.  (Don't
>> panic!  It would not happen anytime soon if at all.  And you would get
>> ample warnings.)
>> 
>> Either we haven't hit any bugs with the new profiles because of low
>> usage or because there just aren't any, so community feedback about
>> their use and usefulness would be appreciated.
> 
> I'm using them on all of my SELinux systems now and haven't noticed any issues with them, and I have at least one of each (x86, amd64, and amd64-multilib).
> 
> --Mike
> 

I've been using it on 4 systems for the last month or so.

-- Matthew Thode

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 881 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [gentoo-hardened] Stabilizing the new selinux profiles
  2011-08-21 20:03   ` Matt Thode
@ 2011-08-21 21:01     ` Anthony G. Basile
  0 siblings, 0 replies; 4+ messages in thread
From: Anthony G. Basile @ 2011-08-21 21:01 UTC (permalink / raw
  To: gentoo-hardened

On 08/21/2011 04:03 PM, Matt Thode wrote:
> 
> On Aug 21, 2011, at 7:03 AM, Mike Edenfield wrote:
> 
>> On 8/21/2011 7:10 AM, Anthony G. Basile wrote:
>>> Hi everyone,
>>>
>>> Back in May, I added new feature/selinux profiles which we would like to
>>> stabilize soon.  These were structured to parallel the
>>> selinux/v2refpolicy profiles but with the idea that they could be added
>>> as a feature to any existing profile.
>>>
>>> There are no open bugs out against them, so we are clear to stabilize,
>>> but I would like feedback from the community about their use, especially
>>> since the next step might be to deprecate the older profiles.  (Don't
>>> panic!  It would not happen anytime soon if at all.  And you would get
>>> ample warnings.)
>>>
>>> Either we haven't hit any bugs with the new profiles because of low
>>> usage or because there just aren't any, so community feedback about
>>> their use and usefulness would be appreciated.
>>
>> I'm using them on all of my SELinux systems now and haven't noticed any issues with them, and I have at least one of each (x86, amd64, and amd64-multilib).
>>
>> --Mike
>>
> 
> I've been using it on 4 systems for the last month or so.
> 
> -- Matthew Thode

Okay, I will be marking these profiles stable.

-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197



^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2011-08-21 21:01 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-08-21 11:10 [gentoo-hardened] Stabilizing the new selinux profiles Anthony G. Basile
2011-08-21 12:03 ` Mike Edenfield
2011-08-21 20:03   ` Matt Thode
2011-08-21 21:01     ` Anthony G. Basile

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox