1 |
Jae Kim wrote: |
2 |
> Mike Edenfield wrote: |
3 |
>> Caleb Cushing wrote: |
4 |
>>> /etc/security/selinux/src/policy |
5 |
>>> |
6 |
>>> policy doesn't exist in 2006.1 profile? hmm... I have a populated |
7 |
>>> directory on my other selinux box but there isn't one on this box. |
8 |
>>> not sure why. the only thing I can think of is that I started that |
9 |
>>> box on a 2005.1 profile.... because I don't recall downloading a |
10 |
>>> policy... do I need to download or write my own? or is there a faster |
11 |
>>> way? |
12 |
>> |
13 |
>> If you read the update SELinux HOWTO it will explain all of this (I |
14 |
>> just upgraded this weekend and it took me a minute, too.) |
15 |
>> |
16 |
>> The policy source isn't install on your system anymore, only the |
17 |
>> compiled policies. You don't need to 'make' the policy anymore. You |
18 |
>> use the new SELinux tools like rlpkg and semodule to load modules into |
19 |
>> the running system. |
20 |
>> |
21 |
> |
22 |
> hmm i thought this only applies to 2006.1 profile and |
23 |
> hardened users have to stick with old method.. |
24 |
|
25 |
He is using the 2006.1 profile, which was the source of his |
26 |
confusion. You are correct that users of the hardened |
27 |
profile can't use the 2006.1 SELinux profile yet; I beleive |
28 |
it's due to the lack of a working hardened toolchain which |
29 |
includes the latest versions of gcc/glibc, which are |
30 |
required for the latest SELinux tools. |
31 |
|
32 |
-- |
33 |
-- Mike |
34 |
|
35 |
Still using IE? Get Firefox! |
36 |
http://www.spreadfirefox.com/?q=affiliates&id=6492&t=1 |
37 |
-- |
38 |
gentoo-hardened@g.o mailing list |