| 1 |
<<<<<<< |
| 2 |
As I don't want to become the testing ground for such policies, I'll see to |
| 3 |
it that MCS becomes our default policy type as well, and that a (simple) |
| 4 |
upgrade procedure is available for those still at strict or targeted. |
| 5 |
>>>>>>> |
| 6 |
|
| 7 |
I'm running MCS on my server but it is still in permissive mode because I |
| 8 |
need to iron out a few things and haven't had the time but I'm preparing |
| 9 |
another server this week-end so I can try a new MCS install and report back |
| 10 |
problems and bugs. Regarding bugs, the documentation on page |
| 11 |
|
| 12 |
http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2&c |
| 13 |
hap=1 |
| 14 |
|
| 15 |
Recommend the installation of selinux modules before configuring the policy. |
| 16 |
I don't recommend that because all the policies get installed into the |
| 17 |
strict directory (/etc/selinux/strict) on a default installation and the |
| 18 |
/etc/selinux/mcs directory is empty. That's an easy fix but I can do a bug |
| 19 |
report if needed. |
| 20 |
|
| 21 |
Alain |
Archives