From: Dale Amon <amon@vnl.com>
To: Dale Amon <amon@vnl.com>, selinux@tycho.nsa.gov
Subject: Re: State of Debian SELinux
Date: Sun, 18 Sep 2005 10:58:07 +0100 [thread overview]
Message-ID: <20050918095806.GC25649@vnl.com> (raw)
In-Reply-To: <20050918001512.GR9092@lkcl.net>
[-- Attachment #1: Type: text/plain, Size: 2027 bytes --]
On Sun, Sep 18, 2005 at 01:15:12AM +0100, Luke Kenneth Casson Leighton wrote:
> dale, hi,
And hello yourself. I've been a bit scarce on this list lately.
Business has been good for a change... so no playtime. :-)
> i did manage to set up debian/selinux - back when 2.6.6 -> 2.6.9 was in
> "unstable".
> it was painful, took about four to five months, and it worked.
Ouch. Well, I'm only interested in getting it up on rack mount
server class machines with no fancy workstation apps on them.
Nothing but LAMP's.
> you will NOT get sarge to work [as-is].
But can you start from the sarge iso and upgrade? Or should I look
at whatever they have as the latest and most bleeding edge "don't
look at me crosseyed or I'll fall over" sid iso?
> you WILL need libselinux1 for a start and because of the freeze
> some 18 months ago libselinux1 did NOT make it into sarge.
I'm picking that up from Russel's repository during the upgrade
and it does install okay.
> you _will_ need the patched version of dpkg - the one that
> sets selinux file contexts on files as it unpacks them - just
> like rpm does.
Yeah, but that shouldn't matter yet: the problems are in the
initial upgrade to SELinux packages so the file system isn't
labeled yet and the kernel is still the base debian one.
> sorry that's a bit long-winded and probably difficult to
> understand but i'm trying to pack stuff in quickly as i remember it -
> from several months ago - without time for review of what i've written.
Oh, that's fine. Many of the items you note will
be time savers. Once I get the initial selinux package
install to work that is...
--
------------------------------------------------------
Dale Amon amon@islandone.org +44-7802-188325
International linux systems consultancy
Hardware & software system design, security
and networking, systems programming and Admin
"Have Laptop, Will Travel"
------------------------------------------------------
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2005-09-18 10:01 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-17 23:31 State of Debian SELinux Dale Amon
2005-09-18 0:10 ` Jiann-Ming Su
2005-09-18 9:47 ` Dale Amon
2005-09-18 0:15 ` Luke Kenneth Casson Leighton
2005-09-18 9:58 ` Dale Amon [this message]
2005-09-18 10:42 ` Luke Kenneth Casson Leighton
2005-09-18 21:58 ` Dale Amon
2005-09-18 22:48 ` Luke Kenneth Casson Leighton
2005-09-19 11:15 ` Dale Amon
2005-09-19 11:56 ` Luke Kenneth Casson Leighton
2005-09-19 12:12 ` Stephen Smalley
2005-09-23 18:53 ` sswami
2005-09-23 20:02 ` Stephen Smalley
2005-09-19 12:27 ` Stephen Smalley
2005-09-20 18:10 ` Dale Amon
2005-09-20 20:14 ` Stephen Smalley
2005-09-22 19:41 ` Stephen Smalley
2005-09-22 21:31 ` Dale Amon
2005-09-22 21:38 ` Dale Amon
2005-09-22 22:43 ` Dale Amon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050918095806.GC25649@vnl.com \
--to=amon@vnl.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.