* Updated OpenSSH
@ 2002-06-28 14:21 Justin Smith
2002-06-28 14:54 ` Stephen Smalley
2002-06-28 17:53 ` Enterprise Internet Solutions LLC
0 siblings, 2 replies; 4+ messages in thread
From: Justin Smith @ 2002-06-28 14:21 UTC (permalink / raw)
To: SE Linux
Is there a place where one can get the complete source coded of the
updates OpenSSH? The patch doesn't work for me (no doubt because I
haven't been keeping up with the previous patches).
--
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Updated OpenSSH
2002-06-28 14:21 Updated OpenSSH Justin Smith
@ 2002-06-28 14:54 ` Stephen Smalley
2002-06-28 15:04 ` Stephen Smalley
2002-06-28 17:53 ` Enterprise Internet Solutions LLC
1 sibling, 1 reply; 4+ messages in thread
From: Stephen Smalley @ 2002-06-28 14:54 UTC (permalink / raw)
To: Justin Smith; +Cc: SE Linux
On 28 Jun 2002, Justin Smith wrote:
> Is there a place where one can get the complete source coded of the
> updates OpenSSH? The patch doesn't work for me (no doubt because I
> haven't been keeping up with the previous patches).
The SELinux patch that I posted should apply cleanly to the openssh-3.4p1
tar gz file from http://www.openssh.org/portable.html. In any event, you
can now obtain a copy of openssh-3.4p1 with the SELinux patch merged from
the sourceforge CVS tree, under nsa/selinux/utils/openssh-3.4p1. I have
also updated the selinux/utils/Makefile in that tree to use 3.4p1 instead
of 3.1p1, and I have updated the selinux/policy/domains/program/sshd.te
file to grant sys_chroot and to remove direct transitions to sysadm_t
(use newrole instead).
The sourceforge CVS tree can be accessed via :
export
CVSROOT=:pserver:anonymous@cvs.selinux.sourceforge.net:/cvsroot/selinux
cvs -z3 co nsa/selinux
--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Updated OpenSSH
2002-06-28 14:54 ` Stephen Smalley
@ 2002-06-28 15:04 ` Stephen Smalley
0 siblings, 0 replies; 4+ messages in thread
From: Stephen Smalley @ 2002-06-28 15:04 UTC (permalink / raw)
To: Justin Smith; +Cc: SE Linux
On Fri, 28 Jun 2002, Stephen Smalley wrote:
> The SELinux patch that I posted should apply cleanly to the openssh-3.4p1
> tar gz file from http://www.openssh.org/portable.html. In any event, you
> can now obtain a copy of openssh-3.4p1 with the SELinux patch merged from
> the sourceforge CVS tree, under nsa/selinux/utils/openssh-3.4p1. I have
> also updated the selinux/utils/Makefile in that tree to use 3.4p1 instead
> of 3.1p1, and I have updated the selinux/policy/domains/program/sshd.te
> file to grant sys_chroot and to remove direct transitions to sysadm_t
> (use newrole instead).
By the way, some tips for installing:
1) Don't forget to relabel ssh and sshd after installing the new version.
You can do this quickly by just running 'make relabel' in selinux/utils.
2) Create the sshd user as described in the README.privsep file from the
openssh-3.4p1 directory.
3) Reload your policy after installing the new sshd.te.
4) After doing the above, use run_init to restart sshd.
--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Updated OpenSSH
2002-06-28 14:21 Updated OpenSSH Justin Smith
2002-06-28 14:54 ` Stephen Smalley
@ 2002-06-28 17:53 ` Enterprise Internet Solutions LLC
1 sibling, 0 replies; 4+ messages in thread
From: Enterprise Internet Solutions LLC @ 2002-06-28 17:53 UTC (permalink / raw)
To: Justin Smith; +Cc: SE Linux
http://www.openssh.org
On 28 Jun 2002, Justin Smith wrote:
> Is there a place where one can get the complete source coded of the
> updates OpenSSH? The patch doesn't work for me (no doubt because I
> haven't been keeping up with the previous patches).
> --
>
>
> --
> You have received this message because you are subscribed to the selinux list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-06-28 17:53 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-28 14:21 Updated OpenSSH Justin Smith
2002-06-28 14:54 ` Stephen Smalley
2002-06-28 15:04 ` Stephen Smalley
2002-06-28 17:53 ` Enterprise Internet Solutions LLC
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.