From: Dale Amon <amon@vnl.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Dale Amon <amon@vnl.com>,
Manoj Srivastava <manoj.srivastava@stdc.com>,
Russell Coker <russell@coker.com.au>,
selinux@tycho.nsa.gov
Subject: Re: State of Debian SELinux
Date: Thu, 22 Sep 2005 23:43:06 +0100 [thread overview]
Message-ID: <20050922224306.GZ27432@vnl.com> (raw)
In-Reply-To: <20050922213855.GY27432@vnl.com>
[-- Attachment #1: Type: text/plain, Size: 1147 bytes --]
Okay, I've got the debian selinux-policy-default package to install
finally. These are the hacks I used:
cd file_contexts/program/
touch dante.fc winbind.fc
#This is not required, but gets rid of an error msg
#edit nrpe.fc and comment out two lines:
# #/usr/lib(64)?/netsaint/plugins(/.*)? -- system_u:object_r:bin_t
# #/usr/lib(64)?/nagios/plugins(/.*)? -- system_u:object_r:bin_t
cd ../../domains/misc
#edit kernel.te, make line look like:
# type kernel_t, domain, privmodule, privlog, sysctl_kernel_writer, etc_writer ;
cd ../programs
#edit rpm.te and put conditional around line:
# ifdef(`rpm.te', `
# allow cupsd_config_t rpm_var_lib_t:file { getattr read };
# ')
I won't guarantee my hacks are right, but they
get me through dselect at least.
--
------------------------------------------------------
Dale Amon amon@islandone.org +44-7802-188325
International linux systems consultancy
Hardware & software system design, security
and networking, systems programming and Admin
"Have Laptop, Will Travel"
------------------------------------------------------
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
prev parent reply other threads:[~2005-09-22 22:43 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-17 23:31 State of Debian SELinux Dale Amon
2005-09-18 0:10 ` Jiann-Ming Su
2005-09-18 9:47 ` Dale Amon
2005-09-18 0:15 ` Luke Kenneth Casson Leighton
2005-09-18 9:58 ` Dale Amon
2005-09-18 10:42 ` Luke Kenneth Casson Leighton
2005-09-18 21:58 ` Dale Amon
2005-09-18 22:48 ` Luke Kenneth Casson Leighton
2005-09-19 11:15 ` Dale Amon
2005-09-19 11:56 ` Luke Kenneth Casson Leighton
2005-09-19 12:12 ` Stephen Smalley
2005-09-23 18:53 ` sswami
2005-09-23 20:02 ` Stephen Smalley
2005-09-19 12:27 ` Stephen Smalley
2005-09-20 18:10 ` Dale Amon
2005-09-20 20:14 ` Stephen Smalley
2005-09-22 19:41 ` Stephen Smalley
2005-09-22 21:31 ` Dale Amon
2005-09-22 21:38 ` Dale Amon
2005-09-22 22:43 ` Dale Amon [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050922224306.GZ27432@vnl.com \
--to=amon@vnl.com \
--cc=manoj.srivastava@stdc.com \
--cc=russell@coker.com.au \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.