From: Dale Amon <amon@vnl.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: SELinux List <SELinux@tycho.nsa.gov>
Subject: More Debian bugs
Date: Fri, 23 Sep 2005 20:52:27 +0100 [thread overview]
Message-ID: <20050923195227.GA21546@vnl.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1825 bytes --]
As I plough onwards... with last nights set of hacks
I was able to label files today. But that is about it.
The latest debian packaged kernel turns out to have
POLICYVERS=19 in security.h. However, the selinux-policy-default
package builds a policy.20.
I have other error messages which may or may not
follow from that problem. When I attempt a load_policy:
sepol_genusers: can't find system.users
No such file or directory
unable to get boolean names: No surc file or directory
I also note there are some dangling softlinks created
by the setools package:
/usr/share/setools/
lrwxrwxrwx 1 root root 24 2005-09-23 18:18 seaudit-report.conf -> /etc/seaudit-report.conf
lrwxrwxrwx 1 root root 23 2005-09-23 18:18 seaudit-report.css -> /etc/seaudit-report.css
lrwxrwxrwx 1 root root 16 2005-09-23 18:18 seuser.conf -> /etc/seuser.conf
But the targets are not at those locations, they are:
/etc/setools/
-rw-r--r-- 1 root root 2805 2005-09-15 08:29 seaudit-report.conf
-rw-r--r-- 1 root root 3040 2005-09-15 08:29 seaudit-report.css
-rw-r--r-- 1 root root 1815 2005-09-15 08:29 seuser.conf
Although I have not looked at Stephens patches, I
would very much be surprised if I could just change
the defines in security.h, rebuild the kernel and
have it work...
I've got a bad feeling that the debian kernel
(2.6.12-1-686) is using a very out of date
selinux patch set.
--
------------------------------------------------------
Artemis Systems Development
Dale Amon amon@islandone.org +44-7802-188325
International linux systems consultancy
Hardware & software system design, security
and networking, systems programming and Admin
"Have Laptop, Will Travel"
------------------------------------------------------
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next reply other threads:[~2005-09-23 19:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-23 19:52 Dale Amon [this message]
2005-09-23 20:10 ` More Debian bugs Stephen Smalley
2005-09-23 20:24 ` Stephen Smalley
2005-09-23 21:03 ` Dale Amon
[not found] ` <20050924013709.GA27686@vnl.com>
2005-09-26 13:33 ` Dale Amon
2005-10-09 10:19 ` Russell Coker
2005-10-09 14:50 ` Luke Kenneth Casson Leighton
2005-10-09 20:44 ` Russell Coker
2005-10-09 22:08 ` Luke Kenneth Casson Leighton
2005-10-09 23:09 ` Russell Coker
2005-10-10 9:05 ` Luke Kenneth Casson Leighton
2005-10-13 4:31 ` Dale Amon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050923195227.GA21546@vnl.com \
--to=amon@vnl.com \
--cc=SELinux@tycho.nsa.gov \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.