Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo Hardened (http://www.linux-archive.org/gentoo-hardened/)
-   -   SELinux policy live ebuilds (http://www.linux-archive.org/gentoo-hardened/698631-selinux-policy-live-ebuilds.html)

Sven Vermeulen 08-28-2012 06:44 PM
SELinux policy live ebuilds
 
Hi guys,

I've pushed out live ebuilds for the SELinux policies to the hardened-dev
overlay. They will pull the policies from the git repository that I develop
the policies in [1]. This allows some users to get the most recent changes
if they can't wait for the ebuilds themselves.

Note however that, if you use this, you will need to update your policies
using the following command:

~# emerge selinux-base selinux-base-policy; emerge $(qlist -IC sec-policy)

This because the dependencies for the modules are always resolved (they all
refer to -9999 which is then always satisfied) so we need to pull them in
explicitly. We first install the base ones (to make sure the interfaces are
properly stored on the file system and the core modules are loaded) and then
all installed modules (this will pull the base/base-policy in again but that
shouldn't hurt).

The overlay also contains an update for the eclass to support live ebuilds
for the SELinux policy modules, but it looks like overlays automatically
take precendence for eclasses as well.

Wkr,
Sven Vermeulen

[1] http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=summary


All times are GMT. The time now is 10:07 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.