From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from jazzdrum.ncsc.mil (zombie.ncsc.mil [144.51.88.131]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id k42Faj2B003839 for ; Tue, 2 May 2006 11:36:45 -0400 Received: from main.astronetworks.net (jazzdrum.ncsc.mil [144.51.5.7]) by jazzdrum.ncsc.mil (8.12.10/8.12.10) with ESMTP id k42FahUP025801 for ; Tue, 2 May 2006 15:36:44 GMT Received: from [86.125.49.54] (helo=localhost.localdomain) by main.astronetworks.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.52) id 1FawvW-0004qG-Oq for selinux@tycho.nsa.gov; Tue, 02 May 2006 08:36:39 -0700 From: =?iso-8859-1?q?T=F6r=F6k_Edwin?= To: selinux@tycho.nsa.gov Subject: Re: [1/4] Labeling only policy for fireflier Date: Tue, 2 May 2006 18:36:24 +0300 References: <200604021240.21290.edwin@gurde.com> <200605011917.54954.edwin@gurde.com> <1146509739.20331.47.camel@sgc> In-Reply-To: <1146509739.20331.47.camel@sgc> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Message-Id: <200605021836.25009.edwin@gurde.com> Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov On Monday 01 May 2006 21:55, Christopher J. PeBenito wrote: > On Mon, 2006-05-01 at 19:17 +0300, Török Edwin wrote: > > Hi, > > [I have split this mail in several parts for easier reading.] > > > > I have create a stripped down policy for use with fireflier. > > (for those who didn't read the entire thread: the purpose of this policy > > is to provide labels for sockets, to be used with skfilter/secmark) > > It would be better if you could give the source files and/or a diff from > reference policy, rather than expanded base.conf, etc. It'll be much > simpler to understand. I have sent the diff inline in my previous mail, unfortunately it was too large (exceeded this mailing list's maximum).Sorry about this. I uploaded the policy diffs here: http://edwintorok.googlepages.com/policy.diff http://edwintorok.googlepages.com/conf.diff Policy.diff is the diff of my modifications to reference policy. I used the reference policy, with these modules in base: selinux,files,filesystem,kernel,domain,corenetwork. I then hand-edited the generated conf file, making certain types aliases, and removed the portcon statements. Conf.diff is the diff of base.conf generated by a reference policy build, and my fireflier_base.conf. Edwin -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.