[gentoo-hardened] selinux-greenhorn: make load not working

[gentoo-hardened] selinux-greenhorn: make load not working

[Manuel Werlberger]

Hi!

I hope you can help me. I'm abolutely new to SELinux. I want to convert 
my server-box to a selinux profile. I followed the converting-guide in 
the selinux-handbook. When i do make clean - make install - make load in 
/etc/security/selinux/src/policy i get:

  * Loading policy.20
/usr/sbin/load_policy:  Can't load policy:  No such file or directory
make: *** [tmp/load] Error 2


I think my problem is that sestatus says that SELinux status: disabled. 
But I don't find the problem why my box do not activate SELinux at boot.

athena policy # ldd /sbin/init
         linux-gate.so.1 =>  (0xffffe000)
         libselinux.so.1 => /lib/libselinux.so.1 (0xb7fcc000)
         libsepol.so.1 => /lib/libsepol.so.1 (0xb7f7d000)
         libc.so.6 => /lib/libc.so.6 (0xb7e68000)
         libdl.so.2 => /lib/libdl.so.2 (0xb7e64000)
         /lib/ld-linux.so.2 (0xb7feb000)

I use selinux/2005.1/x86/ profile and i686-pc-linux-gnu-3.4.5 as gcc 
profile. Do I have to switch to a hardened gcc profile? I don't want to 
try without asking (I need the box running ;-) ). The kernel I use is 
linux-2.6.14-hardened-r5.

I hope there's enough information to solve the problem.

In addition I have the question about docs. Where do I get information 
on SELinux? The handbook and docs on gentoo are great but IMHO a little 
bit short for creating policies and how SELinux really works. (Thinks 
like what can I do with SELinux and how :-) ).

Thanks in advance,
  Manuel
-- 
gentoo-hardened@gentoo.org mailing list

Re: [gentoo-hardened] selinux-greenhorn: make load not working

[Manuel Werlberger]

Hi!

I got the mistake. Something went wrong with my Lilo config. I always
did a remote reboot and didn't realise the wrong configuration.

Still looking for some good documentation...

Greetings, Manuel

On 4/29/06, Manuel Werlberger <news@werlberger.org> wrote:
> Hi!
>
> I hope you can help me. I'm abolutely new to SELinux. I want to convert
> my server-box to a selinux profile. I followed the converting-guide in
> the selinux-handbook. When i do make clean - make install - make load in
> /etc/security/selinux/src/policy i get:
>
>   * Loading policy.20
> /usr/sbin/load_policy:  Can't load policy:  No such file or directory
> make: *** [tmp/load] Error 2
>
>
> I think my problem is that sestatus says that SELinux status: disabled.
> But I don't find the problem why my box do not activate SELinux at boot.
>
> athena policy # ldd /sbin/init
>          linux-gate.so.1 =>  (0xffffe000)
>          libselinux.so.1 => /lib/libselinux.so.1 (0xb7fcc000)
>          libsepol.so.1 => /lib/libsepol.so.1 (0xb7f7d000)
>          libc.so.6 => /lib/libc.so.6 (0xb7e68000)
>          libdl.so.2 => /lib/libdl.so.2 (0xb7e64000)
>          /lib/ld-linux.so.2 (0xb7feb000)
>
> I use selinux/2005.1/x86/ profile and i686-pc-linux-gnu-3.4.5 as gcc
> profile. Do I have to switch to a hardened gcc profile? I don't want to
> try without asking (I need the box running ;-) ). The kernel I use is
> linux-2.6.14-hardened-r5.
>
> I hope there's enough information to solve the problem.
>
> In addition I have the question about docs. Where do I get information
> on SELinux? The handbook and docs on gentoo are great but IMHO a little
> bit short for creating policies and how SELinux really works. (Thinks
> like what can I do with SELinux and how :-) ).
>
> Thanks in advance,
>   Manuel
> --
> gentoo-hardened@gentoo.org mailing list
>
>


--
[X] nail here for a new display

-- 
gentoo-hardened@gentoo.org mailing list