APT, Yum and Red Carpet

Daniel J Walsh dwalsh at redhat.com
Mon Aug 18 14:03:50 UTC 2003


A lot of the userspace changes are in the SRPMs but turned off.  You can 
rebuild using
rpmbuild --define "WITH_SELINUX 1" XYZ.rpm to activate the changes.  The 
SELinux
userspace packages are available on

ftp://people.redhat.com/dwalsh/SELinux/packages

This stuff is very experimental.  The code checks to see if there is an 
SELinux aware kernel, if not it should work just like the non patched code.

Any help would be appreciated.

Dan

Michael K. Johnson wrote:

>On Wed, Aug 13, 2003 at 03:05:52PM +0100, Paul Nasrat wrote:
>  
>
>>On Wed, Aug 13, 2003 at 07:52:57AM -0600, Chris Ricker wrote:
>>    
>>
>>><re-routed to devel list>
>>>      
>>>
>> 
>>    
>>
>>>Speaking of which, is there any interest in incorporating RSBAC (preferably) 
>>>or SELinux into RHLP, long-term?
>>>      
>>>
>>SELinux architecture has been merged in 2.6.0-test3, so I imagine that
>>Cambridge++ will have that SELinux in it.
>>    
>>
>
>Well, the technology exists in the kernel source tree, and we
>encouraged its inclusion in the mainline tree.  But SELinux has
>other components, particularly userland code changes and policy.
>Policy management is a major job in and of itself.  Also, there's
>a performance cost to enabling SELinux that needs to be considered.
>
>As I've mentioned before, upstream acceptance is a key point; this
>distinguishes SELinux.  In addition, Red Hat is specifically working
>on SELinux, as mentioned in a webcast we did recently:
>https://www.redhat.com/apps/webform.html?event_type=webcast&eid=225
>And the top search response on SELinux on our web site is this page:
>http://www.redhat.com/solutions/security/SELinux.html
>
>We haven't made a committment to include SELinux in Cambridge++,
>nor to not include it.  :-)  We're certainly actively working on
>SELinux, and if there are like-minded developers who want to, say,
>participate with us in doing policy work, speak up, and maybe it
>will make sense.
>
>I'm personally curious: how many people on this list have worked on
>SELinux policy and/or policy tools?
>
>michaelkjohnson
>
> "He that composes himself is wiser than he that composes a book."
> Linux Application Development                     -- Ben Franklin
> http://people.redhat.com/johnsonm/lad/
>
>
>--
>Rhl-devel-list mailing list
>Rhl-devel-list at redhat.com
>http://www.redhat.com/mailman/listinfo/rhl-devel-list
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/devel/attachments/20030818/104d4e32/attachment-0002.html 


More information about the devel mailing list