Archives
Archives
| From: | Chris PeBenito <pebenito@g.o> |
|---|---|
| To: | Hardened Gentoo Mail List <gentoo-hardened@l.g.o> |
| Cc: | Gentoo Development Mail List <gentoo-dev@l.g.o> |
| Subject: | [gentoo-dev] SELinux x86 LiveCD |
| Date: | Mon, 26 Jan 2004 06:40:29 |
| Message-Id: | 1075099196.1235.75.camel@chris.pebenito.net |
| 1 | A couple of things for SELinux have been happening this week. Most |
| 2 | exciting is the availability of an experimental SELinux i686 LiveCD, |
| 3 | along with fresh stage 1 and i686 stages 2&3. The install guide is |
| 4 | back, and now people should be able to install SELinux from scratch. |
| 5 | These are all very experimental (the guide too), so tread with care, and |
| 6 | report bugs :) Only issue I know of currently is a few denials from |
| 7 | dhcpcd on the livecd. |
| 8 | |
| 9 | http://www.gentoo.org/proj/en/hardened/selinux/selinux-x86-install.xml |
| 10 | http://gentoo.oregonstate.edu/experimental/x86/livecd/ |
| 11 | http://gentoo.oregonstate.edu/experimental/x86/stages/ |
| 12 | |
| 13 | Also, a patch to baselayout has been added to make /sbin/init do the |
| 14 | initial policy load. This eliminates the need for seinit, and fixes up |
| 15 | the problem with /usr being on a separate partition. Remerge baselayout |
| 16 | and then you can remove init=/sbin/seinit from the kernel command line. |
| 17 | You can verify your /sbin/init has the the support to do the policy load |
| 18 | by doing 'ldd /sbin/init', and it should mention libselinux. |
| 19 | |
| 20 | -- |
| 21 | Chris PeBenito |
| 22 | <pebenito@g.o> |
| 23 | Developer, |
| 24 | Hardened Gentoo Linux |
| 25 | Embedded Gentoo Linux |
| 26 | |
| 27 | Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243 |
| 28 | Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243 |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |