| 1 |
On Fri, Aug 29, 2003 at 08:41:52PM +0200, Christian Sch?fer wrote: |
| 2 |
> hi, |
| 3 |
> |
| 4 |
> this morning my little box turn fully grown. ;-) |
| 5 |
> I did make relabel and now I'm through with the installation-guide. |
| 6 |
> btw: I would appreciate some sort of advices at the beginning of this |
| 7 |
> guide. like 'don't use reiserfs, since it is not fully stable with |
| 8 |
> selinux'.. |
| 9 |
> |
| 10 |
> anyway, I do use reiserfs. |
| 11 |
> at the end of this mail you'll find my current dmesg output. |
| 12 |
> no errors really but a few lines that i don't like, but don't know how |
| 13 |
> to handle either.. may there be help. :D |
| 14 |
> '### ' mark the lines of wuestion. |
| 15 |
> I either don't know what they mean and/or what to do to avoid them. |
| 16 |
> |
| 17 |
> the last lines with these avc: denied... thingies are uncorrect |
| 18 |
> labeled files right? a relabel does not help, what shall I do? |
| 19 |
> |
| 20 |
> anyway, what is a good procedure to carry on? do i have to label any |
| 21 |
> emerge now? |
| 22 |
> maybe someone of you knows a good basic read, from a users view. |
| 23 |
> I already read a lot about policies and such. but nithing gave me a |
| 24 |
> clue on how to administrate things. |
| 25 |
> |
| 26 |
> thanks a lot! |
| 27 |
> |
| 28 |
> regards |
| 29 |
> /christian |
| 30 |
|
| 31 |
here are a few pointers: |
| 32 |
|
| 33 |
http://www.nsa.gov/selinux/faq.html |
| 34 |
http://www.nsa.gov/selinux/policy2-abs.html |
| 35 |
http://sourceforge.net/docman/display_doc.php?docid=14882&group_id=21266 |
| 36 |
http://www.samag.com/documents/s=7835/sam0303a/0303a.htm |
| 37 |
|
| 38 |
in order to understand those "avc: denied" lines you should read and understand the selinux docs. |
| 39 |
a good helper is the newrules.pl script, but sometimes is generates much to permissive rules. |
| 40 |
|
| 41 |
you can get it from here: |
| 42 |
|
| 43 |
cvs -d:pserver:anonymous@×××××××××××××××××××××××.net:/cvsroot/selinux login |
| 44 |
cvs -z3 -d:pserver:anonymous@×××××××××××××××××××××××.net:/cvsroot/selinux co nsa/selinux/scripts |
| 45 |
|
| 46 |
cvs pass is empty. |
| 47 |
|
| 48 |
have fun, |
| 49 |
peter |
| 50 |
|
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-hardened@g.o mailing list |
Archives