| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Krzysztof Kozłowski wrote: |
| 5 |
> Brant Williams wrote: |
| 6 |
>> As you stated, they can be installed via modules...why not just emerge |
| 7 |
>> what you need? |
| 8 |
> The problem is that there are only ebuilds for some of selinux modules. I |
| 9 |
> couldn't find one for e.g. dovecot, smartmon, quota, logwatch, slocate, munin |
| 10 |
> (not included in base.pp)... and probably many more... So I can not emerge |
| 11 |
> what I need :). |
| 12 |
> |
| 13 |
> |
| 14 |
You are right - for some ebuilds there are no selinux modules. For that |
| 15 |
programs you can run it in unconfined role (not very secure) or write |
| 16 |
your own selinux module. |
| 17 |
You can also use targeted selinux policy (only for programs for which |
| 18 |
you have selinux modules). |
| 19 |
|
| 20 |
Łukasz Marszał |
| 21 |
-----BEGIN PGP SIGNATURE----- |
| 22 |
Version: GnuPG v1.4.7 (GNU/Linux) |
| 23 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
| 24 |
|
| 25 |
iQCVAwUBRmvFR8KonSPgzwHdAQKqdwP/YrKUFicdtMXahXnj0G5WbVW6lGrsVeqv |
| 26 |
SGZvA90lB8IY9vD32s2ry7Z9+x3tzzNHnQt9GK2mRdtlZ3fnzEqP0sWXmUbqxLeY |
| 27 |
F17Rd25/bE7Wb0qySZWtxjhMSvqfkHAqPwg/+aFrfeZpLt+xlc33A44025Kms5zV |
| 28 |
lFiscYkIizg= |
| 29 |
=/x6H |
| 30 |
-----END PGP SIGNATURE----- |
| 31 |
-- |
| 32 |
gentoo-hardened@g.o mailing list |
Archives