From: Paul Moore <paul.moore@hp.com>
To: "selinux@tycho.nsa.gov" <selinux@tycho.nsa.gov>
Subject: Re: You mentioned somewhere there is a step by step guide to getting the MLS policy installed on a machine?
Date: Thu, 14 Apr 2005 16:24:40 -0400 [thread overview]
Message-ID: <425ED188.3020008@hp.com> (raw)
In-Reply-To: <1111586615.21107.60.camel@moss-spartans.epoch.ncsc.mil>
Stephen Smalley wrote:
> On Wed, 2005-03-23 at 08:57 -0500, Daniel J Walsh wrote:
>
>>If I follow those instructions with the Current Rawhide kernel and the
>>soon to be released selinux-policy-mls, can I get a SELinux/MLS machine
>>up and running or do I need addtional packages from TCS?
>
> You should be able to get a basic system working without any further
> packages (I did). But you will need to make the home directory and /tmp
> ranged (as mentioned in README.MLS) in order to allow access by multiple
> levels since the polyinstantiated directory support is not in the
> mainline kernel, and are likely to encounter various denials when trying
> to operate at multiple levels. For a fully operational MLS system,
> there will have to be further userspace work.
>
I just wanted to get some clarification here as the MLS README is a
little vague in this area - assuming I have followed all of the install
instructions in the README file, what we be the correct label to use for
the mountpoints (one of the last steps in the install process),
especially the pseudo filesystems such as /proc?
Thanks,
--
. paul moore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. paul.moore@hp.com hewlett packard
. (603) 884-5056 linux security
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2005-04-14 20:28 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-17 23:13 [patch] enhanced MLS support Darrel Goeddel
2005-01-17 23:16 ` Darrel Goeddel
2005-01-21 17:42 ` Stephen Smalley
2005-01-21 18:04 ` Stephen Smalley
2005-02-01 16:17 ` Stephen Smalley
2005-01-23 18:44 ` James Morris
2005-01-24 3:40 ` Casey Schaufler
2005-01-24 12:30 ` Stephen Smalley
2005-01-24 16:38 ` Casey Schaufler
2005-01-24 16:57 ` Stephen Smalley
2005-01-25 23:15 ` Darrel Goeddel
2005-01-26 20:35 ` Stephen Smalley
2005-03-22 21:22 ` You mentioned somewhere there is a step by step guide to getting the MLS policy installed on a machine? Daniel J Walsh
2005-03-23 9:41 ` Reloading Policy? John Buwa
2005-03-23 13:28 ` Stephen Smalley
2005-03-23 13:11 ` You mentioned somewhere there is a step by step guide to getting the MLS policy installed on a machine? Stephen Smalley
2005-03-23 13:57 ` Daniel J Walsh
2005-03-23 14:03 ` Stephen Smalley
2005-04-14 20:24 ` Paul Moore [this message]
2005-04-14 20:38 ` Stephen Smalley
2005-04-14 22:52 ` Luke Kenneth Casson Leighton
2005-04-15 0:46 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=425ED188.3020008@hp.com \
--to=paul.moore@hp.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.