Re: configured virtual environment with SElinux

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Karl MacMillan <kmacmillan@mentalrootkit.com>
To: shahbaz khan <shazalive@gmail.com>
Cc: Jax <cybercorecentre@gmail.com>, selinux@tycho.nsa.gov
Subject: Re: configured virtual environment with SElinux
Date: Mon, 15 Oct 2007 14:36:15 -0400	[thread overview]
Message-ID: <1192473375.2913.8.camel@localhost.localdomain> (raw)
In-Reply-To: <7b740b700710151033h77f51349rcaef35571da0646f@mail.gmail.com>

On Mon, 2007-10-15 at 22:33 +0500, shahbaz khan wrote:
> On 10/15/07, Karl MacMillan <kmacmillan@mentalrootkit.com> wrote: 
>         On Sat, 2007-10-13 at 01:21 +0200, Jax wrote:
>         > Hi guys,
>         >
>         > I still learning many thing in selinux and I want to ask you
>         about is 
>         > there any image where someone already configured selinux for
>         many
>         > application? It can be vmware, uml, openvz whatever, but it
>         would help
>         > me a lot in learning, and understanding selinux by examples
>         because the 
>         > theory itself incredibly boring. I read many docs on the
>         site and I
>         > don't feel I making any progress in this.
>         >
>         > Thanks
>         >
>         > Jax
>         >
>         
>         Installing Fedora (or one of the other supported distros) will
>         get you a 
>         fully configured selinux system.
>  
> Fedora will give you an example system but you will need to download
> the reference policy from Tresys website. Refference policy is a nice
> division of policy into a base and then modular policy per package. It
> will enable you to understand the way the SELinux team handles policy.
> If I can remember correctly they did some work on Xen and VMware.
> Check out the mailing list archives as well. You might find something
> useful there. The theory might be boring to you but you will always
> need some reference material to grip on to the concepts and policy
> clearly. 
> 

The reference policy is included with recent Fedora version. yum install
selinux-policy-devel.

Karl


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next prev parent reply	other threads:[~2007-10-15 20:19 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-10-12 23:21 configured virtual environment with SElinux Jax
2007-10-15 13:40 ` Karl MacMillan
2007-10-15 17:33   ` shahbaz khan
2007-10-15 18:36     ` Karl MacMillan [this message]
2007-10-17 21:23   ` Russell Coker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1192473375.2913.8.camel@localhost.localdomain \
    --to=kmacmillan@mentalrootkit.com \
    --cc=cybercorecentre@gmail.com \
    --cc=selinux@tycho.nsa.gov \
    --cc=shazalive@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.