New features in the SELinux base policy in Fedora 15 and 16
Regards to all the list
Where I can find the new features introduced in Fedora 15 and 16 on the SElinux base policy? - Bugs fixes - Support of new applications - New applications to make the System Administrator's work more easy I need this information because I'm preparing a talk about "Advanced PostgreSQL Data Protection with SELinux", so I want in that moment to comment these new features. Any advices is welcome. Thanks a lot for your time -- Marcos Luís Ortíz Valmaseda Software Engineer (UCI) http://marcosluis2186.posterous.com http://twitter.com/marcosluis2186 -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote:
> Regards to all the list > Where I can find the new features introduced in Fedora 15 and 16 on the > SElinux base policy? > - Bugs fixes > - Support of new applications > - New applications to make the System Administrator's work more easy > > I need this information because I'm preparing a talk about "Advanced > PostgreSQL Data Protection with SELinux", so > I want in that moment to comment these new features. > > Any advices is welcome. > Thanks a lot for your time > I usually find out whats new in various ways: 1. See the policy git repository for new commits ( bugfixes and support for new applications) http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs for the "user land" related changed. 3. See the nsa.gov selinux maillist archives for SELinux changes in the kernel. 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new interesting features. 5. Keep an eye on the tresys.com refpolicy maillist archives for changes to policy upstream Some of the things that recently added that i can come up with is: moving /selinux to /sys/fs/selinux read policy from /sys/fs/selinux/policy named file transitions audit_access capability permission various new policy module semanage --equiv option and everything else i forgot... -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote:
> Regards to all the list > Where I can find the new features introduced in Fedora 15 and 16 on the > SElinux base policy? > - Bugs fixes > - Support of new applications > - New applications to make the System Administrator's work more easy > > I need this information because I'm preparing a talk about "Advanced > PostgreSQL Data Protection with SELinux", so > I want in that moment to comment these new features. > > Any advices is welcome. > Thanks a lot for your time > I usually find out whats new in various ways: 1. See the policy git repository for new commits ( bugfixes and support for new applications) http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs for the "user land" related changed. 3. See the nsa.gov selinux maillist archives for SELinux changes in the kernel. 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new interesting features. 5. Keep an eye on the tresys.com refpolicy maillist archives for changes to policy upstream Some of the things that recently added that i can come up with is: moving /selinux to /sys/fs/selinux read policy from /sys/fs/selinux/policy named file transitions audit_access capability permission various new policy module semanage --equiv option and everything else i forgot... -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 On 06/30/2011 02:10 PM, Miroslav Grepl wrote: > On 06/29/2011 07:48 PM, Dominick Grift wrote: >> >> On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote: >>> Regards to all the list >>> Where I can find the new features introduced in Fedora 15 and 16 on the >>> SElinux base policy? >>> - Bugs fixes >>> - Support of new applications >>> - New applications to make the System Administrator's work more easy >>> >>> I need this information because I'm preparing a talk about "Advanced >>> PostgreSQL Data Protection with SELinux", so >>> I want in that moment to comment these new features. >>> >>> Any advices is welcome. >>> Thanks a lot for your time >>> >> I usually find out whats new in various ways: >> >> 1. See the policy git repository for new commits ( bugfixes and support >> for new applications) >> >> http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary >> >> 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs >> for the "user land" related changed. >> >> 3. See the nsa.gov selinux maillist archives for SELinux changes in the >> kernel. >> >> 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new >> interesting features. >> >> 5. Keep an eye on the tresys.com refpolicy maillist archives for changes >> to policy upstream >> >> Some of the things that recently added that i can come up with is: >> >> moving /selinux to /sys/fs/selinux >> read policy from /sys/fs/selinux/policy >> named file transitions > https://fedoraproject.org/wiki/Features/SELinuxFileNameTransition >> audit_access capability permission >> various new policy module >> semanage --equiv option >> >> and everything else i forgot... >> >> >> >> >> -- >> selinux mailing list >> selinux@lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/selinux > > > > -- > selinux mailing list > selinux@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/selinux You can also get a list of permissive domains for each release which gives you a good idea of the new confined domains being developed for that release. F16 shows abrt_retrace_coredump_t abrt_retrace_worker_exec_t callweaver_t dspam_t fail2ban_client_t gnomeclock_systemctl_t lldpad_t mscan_t puppetca_t pyicqt_t rhev_agentd_t sanlock_t telepathy_logger_t traffic_cop_t traffic_manager_t traffic_server_t wdmd_t zarafa_indexer_t F15 Shows gnomeclock_systemctl_t telepathy_gabble_t telepathy_sofiasip_t mock_t keyboardd_t telepathy_idle_t telepathy_mission_control_t matahari_serviced_t telepathy_salut_t zarafa_indexer_t firewalld_t telepathy_sunshine_t colord_t telepathy_stream_engine_t systemd_notify_t systemd_passwd_agent_t mozilla_plugin_t matahari_hostd_t matahari_netd_t passenger_t systemd_tmpfiles_t foghorn_t telepathy_msn_t namespace_init_t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk4MoSMACgkQrlYvE4MpobMgGACfQ15FFGLSrX ROEqXjCz3fFk7u 3/4AoNViLWCkcJ55Lq5ajAa7pa3VEWiG =Kf8L -----END PGP SIGNATURE----- -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
On 06/29/2011 07:48 PM, Dominick Grift wrote:
On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote: Regards to all the list Where I can find the new features introduced in Fedora 15 and 16 on the SElinux base policy? - Bugs fixes - Support of new applications - New applications to make the System Administrator's work more easy I need this information because I'm preparing a talk about "Advanced PostgreSQL Data Protection with SELinux", so I want in that moment to comment these new features. Any advices is welcome. Thanks a lot for your time I usually find out whats new in various ways: 1. See the policy git repository for new commits ( bugfixes and support for new applications) http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs for the "user land" related changed. 3. See the nsa.gov selinux maillist archives for SELinux changes in the kernel. 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new interesting features. 5. Keep an eye on the tresys.com refpolicy maillist archives for changes to policy upstream Some of the things that recently added that i can come up with is: moving /selinux to /sys/fs/selinux read policy from /sys/fs/selinux/policy named file transitions https://fedoraproject.org/wiki/Features/SELinuxFileNameTransition audit_access capability permission various new policy module semanage --equiv option and everything else i forgot... -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
Thanks to all for the quick responses.
On 06/30/2011 01:40 PM, Miroslav Grepl wrote: On 06/29/2011 07:48 PM, Dominick Grift wrote: On Wed, 2011-06-29 at 15:07 -0400, Marcos Ortiz wrote: Regards to all the list Where I can find the new features introduced in Fedora 15 and 16 on the SElinux base policy? - Bugs fixes - Support of new applications - New applications to make the System Administrator's work more easy I need this information because I'm preparing a talk about "Advanced PostgreSQL Data Protection with SELinux", so I want in that moment to comment these new features. Any advices is welcome. Thanks a lot for your time I usually find out whats new in various ways: 1. See the policy git repository for new commits ( bugfixes and support for new applications) http://git.fedorahosted.org/git/?p=selinux-policy.git;a=summary 2. See the policycoreutils. libsepol, libmanage, checkpolicy changelogs for the "user land" related changed. 3. See the nsa.gov selinux maillist archives for SELinux changes in the kernel. 4. Keep an eye on dwalsh' livejournal blog. He will often touch on new interesting features. 5. Keep an eye on the tresys.com refpolicy maillist archives for changes to policy upstream Dominick, I'm trying to follow your steps to develop the SELinux's policy for PgPool-II. When I finish, I'll send to all you the files (pgpool2.{fc,te}) Regards Some of the things that recently added that i can come up with is: moving /selinux to /sys/fs/selinux read policy from /sys/fs/selinux/policy named file transitions https://fedoraproject.org/wiki/Features/SELinuxFileNameTransition audit_access capability permission various new policy module semanage --equiv option and everything else i forgot... -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux -- Marcos Luís Ortíz Valmaseda Software Engineer (UCI) http://marcosluis2186.posterous.com http://twitter.com/marcosluis2186 -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
New features in the SELinux base policy in Fedora 15 and 16
On Thu, 2011-06-30 at 14:25 -0430, Marcos Ortiz wrote:
> Dominick, I'm trying to follow your steps to develop the SELinux's > policy for PgPool-II. > When I finish, I'll send to all you the files (pgpool2.{fc,te}) > Regards Ok if you need some interactive guidance feel free to come see me on irc.freenode.org in #fedora-selinux -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
| All times are GMT. The time now is 07:21 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.