[gentoo-hardened] SELinux, udev and SpeedTouch 330

[gentoo-hardened] SELinux, udev and SpeedTouch 330

[Maciej Piechotka]

I've reinstall gentoo system. I'd like to use SELinux (it'll be a home
router/server and it worth knowledge).
1. In handbook is written to not have udev tarbal. However iv I have
it setted to no I do not have any drive (hdc{,1,2,3,4,5,6,7}) and it
crach couse of impossible of remounting root.
2. ppp ask about a node /dev/ppp. I created it by mknode. It ask to
compile ppp support (it's compiled in). In dmesg I have logs from avc
of denied  for comm="pppd" name="ppp". How can I make it work?
3. I cannot turned into static /dev because:
- speedtch needs udev
- it's deprecated

I've install gentoo many times on few machines (include this) but
never have such problems - it used to work. However it's my first
SELinux installation - I think it's problem with my lack of knowledge.
How can I resolve it?

Best regards

-- 
gentoo-hardened@gentoo.org mailing list

Re: [gentoo-hardened] SELinux, udev and SpeedTouch 330

[kakou]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Maciej Piechotka wrote:
> I've reinstall gentoo system. I'd like to use SELinux (it'll be a home
> router/server and it worth knowledge).
> 1. In handbook is written to not have udev tarbal. However iv I have
> it setted to no I do not have any drive (hdc{,1,2,3,4,5,6,7}) and it
> crach couse of impossible of remounting root.
You can maybe use the developpement mode and boot in permissive mode.
After boot, enter in the enforcing mode with "setenforce 1".
Note that on many systems I have problems with >=udev-87

> 2. ppp ask about a node /dev/ppp. I created it by mknode. It ask to
> compile ppp support (it's compiled in). In dmesg I have logs from avc
> of denied  for comm="pppd" name="ppp". How can I make it work?
Can you copy the denied traces (from dmesg or syslog when you try to
start pppd)?
> 3. I cannot turned into static /dev because:
> - speedtch needs udev
> - it's deprecated
>
> I've install gentoo many times on few machines (include this) but
> never have such problems - it used to work. However it's my first
> SELinux installation - I think it's problem with my lack of knowledge.
> How can I resolve it?
>
> Best regards
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEbvfS3RS+hG/PB/URAj4UAJ4qmM5rA0pjJF+7CkSIZUxT/4v88ACfdWec
7OvyPKSz8XPzIm205D22tYw=
=H3Oa
-----END PGP SIGNATURE-----

-- 
gentoo-hardened@gentoo.org mailing list

Re: [gentoo-hardened] SELinux, udev and SpeedTouch 330

[Maciej Piechotka]

On 5/20/06, kakou <kakou@kakou.org> wrote:
> Maciej Piechotka wrote:
> > I've reinstall gentoo system. I'd like to use SELinux (it'll be a home
> > router/server and it worth knowledge).
> > 1. In handbook is written to not have udev tarbal. However iv I have
> > it setted to no I do not have any drive (hdc{,1,2,3,4,5,6,7}) and it
> > crach couse of impossible of remounting root.
> You can maybe use the developpement mode and boot in permissive mode.
> After boot, enter in the enforcing mode with "setenforce 1".
> Note that on many systems I have problems with >=udev-87
>

I don't understend. Where should I set it?
After crach I can only reboot (or do something before. But not continue).
Should I pass it like an append?

> > 2. ppp ask about a node /dev/ppp. I created it by mknode. It ask to
> > compile ppp support (it's compiled in). In dmesg I have logs from avc
> > of denied  for comm="pppd" name="ppp". How can I make it work?
> Can you copy the denied traces (from dmesg or syslog when you try to
> start pppd)?

I'll do it after a moment.

-- 
gentoo-hardened@gentoo.org mailing list

Re: [gentoo-hardened] SELinux, udev and SpeedTouch 330

[Maciej Piechotka]

On 5/20/06, Maciej Piechotka <uzytkownik2@gmail.com> wrote:
> On 5/20/06, kakou <kakou@kakou.org> wrote:
> > Maciej Piechotka wrote:
> > > I've reinstall gentoo system. I'd like to use SELinux (it'll be a home
> > > router/server and it worth knowledge).
> > > 1. In handbook is written to not have udev tarbal. However iv I have
> > > it setted to no I do not have any drive (hdc{,1,2,3,4,5,6,7}) and it
> > > crach couse of impossible of remounting root.
> > You can maybe use the developpement mode and boot in permissive mode.
> > After boot, enter in the enforcing mode with "setenforce 1".
> > Note that on many systems I have problems with >=udev-87
> >
>
> I don't understend. Where should I set it?
> After crach I can only reboot (or do something before. But not continue).
> Should I pass it like an append?
>

Oh. Sorry. I understend now.

-- 
gentoo-hardened@gentoo.org mailing list