1 |
<<<<<<< |
2 |
As I don't want to become the testing ground for such policies, I'll see to |
3 |
it that MCS becomes our default policy type as well, and that a (simple) |
4 |
upgrade procedure is available for those still at strict or targeted. |
5 |
>>>>>>> |
6 |
|
7 |
I'm running MCS on my server but it is still in permissive mode because I |
8 |
need to iron out a few things and haven't had the time but I'm preparing |
9 |
another server this week-end so I can try a new MCS install and report back |
10 |
problems and bugs. Regarding bugs, the documentation on page |
11 |
|
12 |
http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2&c |
13 |
hap=1 |
14 |
|
15 |
Recommend the installation of selinux modules before configuring the policy. |
16 |
I don't recommend that because all the policies get installed into the |
17 |
strict directory (/etc/selinux/strict) on a default installation and the |
18 |
/etc/selinux/mcs directory is empty. That's an easy fix but I can do a bug |
19 |
report if needed. |
20 |
|
21 |
Alain |