* configured virtual environment with SElinux
@ 2007-10-12 23:21 Jax
2007-10-15 13:40 ` Karl MacMillan
0 siblings, 1 reply; 5+ messages in thread
From: Jax @ 2007-10-12 23:21 UTC (permalink / raw)
To: selinux
Hi guys,
I still learning many thing in selinux and I want to ask you about is
there any image where someone already configured selinux for many
application? It can be vmware, uml, openvz whatever, but it would help
me a lot in learning, and understanding selinux by examples because the
theory itself incredibly boring. I read many docs on the site and I
don't feel I making any progress in this.
Thanks
Jax
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: configured virtual environment with SElinux
2007-10-12 23:21 configured virtual environment with SElinux Jax
@ 2007-10-15 13:40 ` Karl MacMillan
2007-10-15 17:33 ` shahbaz khan
2007-10-17 21:23 ` Russell Coker
0 siblings, 2 replies; 5+ messages in thread
From: Karl MacMillan @ 2007-10-15 13:40 UTC (permalink / raw)
To: Jax; +Cc: selinux
On Sat, 2007-10-13 at 01:21 +0200, Jax wrote:
> Hi guys,
>
> I still learning many thing in selinux and I want to ask you about is
> there any image where someone already configured selinux for many
> application? It can be vmware, uml, openvz whatever, but it would help
> me a lot in learning, and understanding selinux by examples because the
> theory itself incredibly boring. I read many docs on the site and I
> don't feel I making any progress in this.
>
> Thanks
>
> Jax
>
Installing Fedora (or one of the other supported distros) will get you a
fully configured selinux system.
Karl
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: configured virtual environment with SElinux
2007-10-15 13:40 ` Karl MacMillan
@ 2007-10-15 17:33 ` shahbaz khan
2007-10-15 18:36 ` Karl MacMillan
2007-10-17 21:23 ` Russell Coker
1 sibling, 1 reply; 5+ messages in thread
From: shahbaz khan @ 2007-10-15 17:33 UTC (permalink / raw)
To: Karl MacMillan; +Cc: Jax, selinux
[-- Attachment #1: Type: text/plain, Size: 1365 bytes --]
On 10/15/07, Karl MacMillan <kmacmillan@mentalrootkit.com> wrote:
>
> On Sat, 2007-10-13 at 01:21 +0200, Jax wrote:
> > Hi guys,
> >
> > I still learning many thing in selinux and I want to ask you about is
> > there any image where someone already configured selinux for many
> > application? It can be vmware, uml, openvz whatever, but it would help
> > me a lot in learning, and understanding selinux by examples because the
> > theory itself incredibly boring. I read many docs on the site and I
> > don't feel I making any progress in this.
> >
> > Thanks
> >
> > Jax
> >
>
> Installing Fedora (or one of the other supported distros) will get you a
> fully configured selinux system.
Fedora will give you an example system but you will need to download the
reference policy from Tresys website. Refference policy is a nice division
of policy into a base and then modular policy per package. It will enable
you to understand the way the SELinux team handles policy. If I can remember
correctly they did some work on Xen and VMware. Check out the mailing
list archives as well. You might find something useful there. The theory
might be boring to you but you will always need some reference material to
grip on to the concepts and policy clearly.
--
Shaz
Group: http://securityengineering.wordpress.com
Email: shazalive@gmail.com
cell: +92 91 0300 5944647
[-- Attachment #2: Type: text/html, Size: 1847 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: configured virtual environment with SElinux
2007-10-15 17:33 ` shahbaz khan
@ 2007-10-15 18:36 ` Karl MacMillan
0 siblings, 0 replies; 5+ messages in thread
From: Karl MacMillan @ 2007-10-15 18:36 UTC (permalink / raw)
To: shahbaz khan; +Cc: Jax, selinux
On Mon, 2007-10-15 at 22:33 +0500, shahbaz khan wrote:
> On 10/15/07, Karl MacMillan <kmacmillan@mentalrootkit.com> wrote:
> On Sat, 2007-10-13 at 01:21 +0200, Jax wrote:
> > Hi guys,
> >
> > I still learning many thing in selinux and I want to ask you
> about is
> > there any image where someone already configured selinux for
> many
> > application? It can be vmware, uml, openvz whatever, but it
> would help
> > me a lot in learning, and understanding selinux by examples
> because the
> > theory itself incredibly boring. I read many docs on the
> site and I
> > don't feel I making any progress in this.
> >
> > Thanks
> >
> > Jax
> >
>
> Installing Fedora (or one of the other supported distros) will
> get you a
> fully configured selinux system.
>
> Fedora will give you an example system but you will need to download
> the reference policy from Tresys website. Refference policy is a nice
> division of policy into a base and then modular policy per package. It
> will enable you to understand the way the SELinux team handles policy.
> If I can remember correctly they did some work on Xen and VMware.
> Check out the mailing list archives as well. You might find something
> useful there. The theory might be boring to you but you will always
> need some reference material to grip on to the concepts and policy
> clearly.
>
The reference policy is included with recent Fedora version. yum install
selinux-policy-devel.
Karl
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: configured virtual environment with SElinux
2007-10-15 13:40 ` Karl MacMillan
2007-10-15 17:33 ` shahbaz khan
@ 2007-10-17 21:23 ` Russell Coker
1 sibling, 0 replies; 5+ messages in thread
From: Russell Coker @ 2007-10-17 21:23 UTC (permalink / raw)
To: Karl MacMillan; +Cc: Jax, selinux
On Monday 15 October 2007 23:40, Karl MacMillan <kmacmillan@mentalrootkit.com>
wrote:
> Installing Fedora (or one of the other supported distros) will get you a
> fully configured selinux system.
http://www.jailtime.org/ has Xen images, I haven't tested what the CentOS5
image is like (I hope it has SE Linux in the default configuration) and there
is no Debian 4.0. It's not difficult to re-enable SE Linux if they happen to
have disabled it.
Of course this relies on you using Xen, but most people seem to be using Xen
for such things at the moment.
--
russell@coker.com.au
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-10-17 21:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-10-12 23:21 configured virtual environment with SElinux Jax
2007-10-15 13:40 ` Karl MacMillan
2007-10-15 17:33 ` shahbaz khan
2007-10-15 18:36 ` Karl MacMillan
2007-10-17 21:23 ` Russell Coker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.