From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Pb2gm-0008Gr-Nk for garchives@archives.gentoo.org; Fri, 07 Jan 2011 03:08:28 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2FFEDE07E4 for ; Fri, 7 Jan 2011 03:08:28 +0000 (UTC) Received: from mail-qy0-f181.google.com (mail-qy0-f181.google.com [209.85.216.181]) by pigeon.gentoo.org (Postfix) with ESMTP id EA31AE0968 for ; Fri, 7 Jan 2011 02:48:33 +0000 (UTC) Received: by qyk12 with SMTP id 12so19262486qyk.19 for ; Thu, 06 Jan 2011 18:48:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=Lt4gwpPy7WXLNStG2CmfwaBa9Y7ceEDca2I1qlcMrwg=; b=uVY7l1HzDl1SdQz+6W4qt2wZ1Y/kaAaEnvT0O0/P32A/2TtfSWXAysFQ+9UsdrayRS //hepm33QNxTf3N4eyDIMZxquRgnKYSGk7CsQqIUrb6nh/VvqVXElufsSP+cFIcjD7Dk fUj1NYVHJ2XoYbxSacTEPky8D+ETjwgGexmJQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=pNuo5PIv2Nn5x6amgOAj+vYaWuIjqQZZEs+zaIHDHNofYR4cDCRzpCYc8s0pQrslfJ DGN0cAOOkoeRmBSXiJ6GEH4uLXBF0w/p1Fcl3lbU/V7PRTzGUharAK1eYdt6kQbzozPC n6eAHX/i6yOCEHWO0pF2E2oGNoUQ1vwhvQMKc= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Received: by 10.229.43.72 with SMTP id v8mr304486qce.290.1294368513190; Thu, 06 Jan 2011 18:48:33 -0800 (PST) Received: by 10.229.21.193 with HTTP; Thu, 6 Jan 2011 18:48:33 -0800 (PST) In-Reply-To: <20110106223208.GA29456@siphos.be> References: <20110106223208.GA29456@siphos.be> Date: Fri, 7 Jan 2011 04:48:33 +0200 Message-ID: Subject: Re: [gentoo-hardened] SELinux documentation draft From: Asaf Gery To: gentoo-hardened@lists.gentoo.org Content-Type: multipart/alternative; boundary=0016e64bc18c6febff049938a765 X-Archives-Salt: 2c256f22-88a8-4235-bd9b-9c2d6181001b X-Archives-Hash: 1523320df33392866f3b754049d12827 --0016e64bc18c6febff049938a765 Content-Type: text/plain; charset=UTF-8 Thanks Sven, I appreciate your dedication. Asaf On Fri, Jan 7, 2011 at 00:32, Sven Vermeulen wrote: > Hi everyone, > > I've been working on bringing the SELinux handbook as currently available > on > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml more > up2date. It's somewhat of a rewrite, but with all elements of the original > SELinux handbook still inside it (apart from the troubleshooting as I guess > those are quite outdated, being from 2006 and older). > > The draft is currently available in the hardened-docs.git repository. In > > http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=tree;f=html/selinux;hb=HEAD > you should be able to select individual chapters (HTML format) in the "raw" > tree to view them somewhat like they would on the Gentoo site, but for your > convenience there's also a PDF available at > > http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=tree;f=pdf;hb=HEAD > > The new draft is structed in three parts: > > Part A - Introduction to Gentoo/Hardened SELinux > Chapter 1. Enhancing Linux Security > Chapter 2. SELinux Concepts > Chapter 3. The SELinux (Reference) Policy > Part B - Using Gentoo/Hardened SELinux > Chapter 1. Gentoo SELinux Installation / Conversion > Chapter 2. SELinux Commands > Chapter 3. Running in Permissive Mode > Chapter 4. Switching to Enforcing Mode > Chapter 5. Adding SELinux Policy Modules > Part C - Appendices > Chapter 1. Troubleshooting SELinux > Chapter 2. SELinux Reference Material > > If time permits, part A will have a fourth chapter on virtualization and > SELinux, but I gather that's more for the next update on the documentation. > > The document is currently written with the ebuilds in hardened-development > overlay in mind, so everyone interested in giving Gentoo Hardened with > SELinux a try can use the draft documentation with the > "hardened-development" overlay. > > For the time being the document only supports the type enforcement features > of SELinux. MLS/MCS has not been touched yet. > > Feedback is always welcome, including language mistakes, typos or just > plain > lies. > > Wkr, > Sven Vermeulen > --0016e64bc18c6febff049938a765 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Thanks Sven,
I appreciate your dedication.

Asaf<= br>
On Fri, Jan 7, 2011 at 00:32, Sven Vermeu= len <sven.= vermeulen@siphos.be> wrote:
Hi everyone,

I've been working on bringing the SELinux handbook as currently availab= le on
http://www.gentoo.org/proj/en/hardened/selinux/selin= ux-handbook.xml more
up2date. It's somewhat of a rewrite, but with all elements of the origi= nal
SELinux handbook still inside it (apart from the troubleshooting as I guess=
those are quite outdated, being from 2006 and older).

The draft is currently available in the hardened-docs.git repository. In http://git.overlay= s.gentoo.org/gitweb/?p=3Dproj/hardened-docs.git;a=3Dtree;f=3Dhtml/selinux;h= b=3DHEAD
you should be able to select individual chapters (HTML format) in the "= ;raw"
tree to view them somewhat like they would on the Gentoo site, but for your=
convenience there's also a PDF available at
http://git.overlays.gentoo.= org/gitweb/?p=3Dproj/hardened-docs.git;a=3Dtree;f=3Dpdf;hb=3DHEAD

The new draft is structed in three parts:

Part A - Introduction to Gentoo/Hardened SELinux
=C2=A0Chapter 1. Enhancing Linux Security
=C2=A0Chapter 2. SELinux Concepts
=C2=A0Chapter 3. The SELinux (Reference) Policy
Part B - Using Gentoo/Hardened SELinux
=C2=A0Chapter 1. Gentoo SELinux Installation / Conversion
=C2=A0Chapter 2. SELinux Commands
=C2=A0Chapter 3. Running in Permissive Mode
=C2=A0Chapter 4. Switching to Enforcing Mode
=C2=A0Chapter 5. Adding SELinux Policy Modules
Part C - Appendices
=C2=A0Chapter 1. Troubleshooting SELinux
=C2=A0Chapter 2. SELinux Reference Material

If time permits, part A will have a fourth chapter on virtualization and SELinux, but I gather that's more for the next update on the documentat= ion.

The document is currently written with the ebuilds in hardened-development<= br> overlay in mind, so everyone interested in giving Gentoo Hardened with
SELinux a try can use the draft documentation with the
"hardened-development" overlay.

For the time being the document only supports the type enforcement features=
of SELinux. MLS/MCS has not been touched yet.

Feedback is always welcome, including language mistakes, typos or just plai= n
lies.

Wkr,
=C2=A0Sven Vermeulen

--0016e64bc18c6febff049938a765--