From: "Christopher J. PeBenito" <cpebenito@tresys.com>
To: Daniel J Walsh <dwalsh@redhat.com>
Cc: "Stephen J. Smoogen" <smooge@gmail.com>,
"Fedora SELinux support list for users & developers."
<fedora-selinux-list@redhat.com>,
SE Linux <selinux@tycho.nsa.gov>
Subject: Re: Need testers for Modules policicy on RHEL4
Date: Thu, 30 Mar 2006 15:59:16 -0500 [thread overview]
Message-ID: <1143752356.13732.63.camel@sgc> (raw)
In-Reply-To: <442C38CD.2000305@redhat.com>
On Thu, 2006-03-30 at 15:00 -0500, Daniel J Walsh wrote:
> Stephen J. Smoogen wrote:
> > On 3/29/06, Daniel J Walsh <dwalsh@redhat.com> wrote:
> >> I have back ported the entire selinux tool chain to RHEL4. I have also
> >> attempted to create a modular policy to match RHEL4 policy as closely as
> >> possible.
> >>
> >> These packages are out on
> >>
> >> ftp://people.redhat.com/dwalsh/SELinux/RHEL4_MODULAR
> >>
> >> If anyone wants to play with these and do some testing that would be great.
> >
> > Cool. I realize there is no promise but I will try them on a test box.
> > What should I look for in a test plan? Also what is the difference
> > between selinux-policy-2.2.28-1.rhel4.noarch.rpm and
> > selinux-policy-targeted-2.2.28-1.rhel4.noarch.rpm?
> >
> >
> Look for regressions. Want to make sure RHEL4 works the same under
> both. The new policy has some added allows but should not have any ones
> missing. There are some types that have been eliminated but they were
> not used.
One known thing would be the missing su(do)+pam_login rules. I plan on
making a rhel4 distro tunable (which infers the redhat tunable too), to
handle things that are in RHEL4, but no longer in newer Red Hat
releases.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2006-03-30 20:59 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-29 23:28 Need testers for Modules policicy on RHEL4 Daniel J Walsh
2006-03-29 23:44 ` Stephen J. Smoogen
2006-03-30 20:00 ` Daniel J Walsh
2006-03-30 20:59 ` Christopher J. PeBenito [this message]
2006-03-30 6:18 ` James de Lurker
2006-03-30 13:20 ` Stephen Smalley
2006-03-31 18:28 ` James de Lurker
2006-04-03 4:55 ` End User Mailing List / Group Randal T. Rioux
2006-04-03 12:32 ` Erich Schubert
2006-04-03 13:52 ` Stephen Smalley
2006-04-05 3:42 ` End User Mailing List / Group / Policy Made Easy Randal T. Rioux
2006-04-05 11:57 ` Erich Schubert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1143752356.13732.63.camel@sgc \
--to=cpebenito@tresys.com \
--cc=dwalsh@redhat.com \
--cc=fedora-selinux-list@redhat.com \
--cc=selinux@tycho.nsa.gov \
--cc=smooge@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.