FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

LinkBack Thread Tools
Old 08-28-2012, 06:44 PM
Sven Vermeulen
Default SELinux policy live ebuilds

Hi guys,

I've pushed out live ebuilds for the SELinux policies to the hardened-dev
overlay. They will pull the policies from the git repository that I develop
the policies in [1]. This allows some users to get the most recent changes
if they can't wait for the ebuilds themselves.

Note however that, if you use this, you will need to update your policies
using the following command:

~# emerge selinux-base selinux-base-policy; emerge $(qlist -IC sec-policy)

This because the dependencies for the modules are always resolved (they all
refer to -9999 which is then always satisfied) so we need to pull them in
explicitly. We first install the base ones (to make sure the interfaces are
properly stored on the file system and the core modules are loaded) and then
all installed modules (this will pull the base/base-policy in again but that
shouldn't hurt).

The overlay also contains an update for the eclass to support live ebuilds
for the SELinux policy modules, but it looks like overlays automatically
take precendence for eclasses as well.

Sven Vermeulen

[1] http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=summary

Thread Tools

All times are GMT. The time now is 04:34 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org