| 1 |
Jae Kim wrote: |
| 2 |
> Mike Edenfield wrote: |
| 3 |
>> Caleb Cushing wrote: |
| 4 |
>>> /etc/security/selinux/src/policy |
| 5 |
>>> |
| 6 |
>>> policy doesn't exist in 2006.1 profile? hmm... I have a populated |
| 7 |
>>> directory on my other selinux box but there isn't one on this box. |
| 8 |
>>> not sure why. the only thing I can think of is that I started that |
| 9 |
>>> box on a 2005.1 profile.... because I don't recall downloading a |
| 10 |
>>> policy... do I need to download or write my own? or is there a faster |
| 11 |
>>> way? |
| 12 |
>> |
| 13 |
>> If you read the update SELinux HOWTO it will explain all of this (I |
| 14 |
>> just upgraded this weekend and it took me a minute, too.) |
| 15 |
>> |
| 16 |
>> The policy source isn't install on your system anymore, only the |
| 17 |
>> compiled policies. You don't need to 'make' the policy anymore. You |
| 18 |
>> use the new SELinux tools like rlpkg and semodule to load modules into |
| 19 |
>> the running system. |
| 20 |
>> |
| 21 |
> |
| 22 |
> hmm i thought this only applies to 2006.1 profile and |
| 23 |
> hardened users have to stick with old method.. |
| 24 |
|
| 25 |
He is using the 2006.1 profile, which was the source of his |
| 26 |
confusion. You are correct that users of the hardened |
| 27 |
profile can't use the 2006.1 SELinux profile yet; I beleive |
| 28 |
it's due to the lack of a working hardened toolchain which |
| 29 |
includes the latest versions of gcc/glibc, which are |
| 30 |
required for the latest SELinux tools. |
| 31 |
|
| 32 |
-- |
| 33 |
-- Mike |
| 34 |
|
| 35 |
Still using IE? Get Firefox! |
| 36 |
http://www.spreadfirefox.com/?q=affiliates&id=6492&t=1 |
| 37 |
-- |
| 38 |
gentoo-hardened@g.o mailing list |
Archives