[ubuntu-hardened] [Ubuntu SELinux] Linux-PAM-0.78, cron, checkpolicy, libselinux, libsepol, logrotate, sysvinit

Lorenzo Hernández García-Hierro lorenzo at gnu.org
Fri Mar 25 19:45:38 CST 2005 

Hi,

I'm pleased to announce the available of some user-land packages ready
for SELinux support, that amount a total percentage of 75% from the
total work needed to have the base SELinux support in both userland and
kernel-level (the targeted policy is left, coreutils is being fixed and
openssh needs more work, see
http://pearls.tuxedo-es.org/selinux/ubuntu/openssh/openssh_3.9p1-1ubuntu2_i386.build for more information (no, it's not a missing -lselinux ;) ).

The following packages are ready for SELinux support or upgraded:

	1. Linux-PAM 	(0.78)
	2. cron 	(3.0pl1-86ubuntu2)
	3. checkpolicy 	(1.22-3)
	4. libselinux 	(1.22-2)
	5. libsepol 	(1.4-2)
	6. logrotate 	(3.7-3)
	7. sysvinit 	(2.86-5ubuntu)

1. http://pearls.tuxedo-es.org/selinux/ubuntu/pam/

Instead of assessing the risk of porting the patch to the old (and
currently used in both Debian and Ubuntu) 0.76 version, I've re-worked
the package with the current 0.78 version, tested each one of the
specific Debian patches, reviewed each line of diff and the package
building directives.
Thus, most Debian specific patches were ported and are available within
the source (and/or edited and available in ./debian/patches-applied),
also I've used some Fedora's patches (mainly SELinux related ones) and
fixed those offsets and hunks failing during the transition from 0.76 to
0.78.

It's a key goal to update Linux-PAM in both distributions, among
providing SELinux support.

I encourage to test the package and give feedback on it.

2. http://pearls.tuxedo-es.org/selinux/ubuntu/cron/

Re-worked package for Vixie cron (aka cron) that uses the cron-b-se tree
for building and packaging, thus, providing the SELinux compliant
version.

3. http://pearls.tuxedo-es.org/selinux/ubuntu/checkpolicy/

Upgraded from 1.18 to latest from Manoj.

4. http://pearls.tuxedo-es.org/selinux/ubuntu/libselinux/

Upgraded from 1.18 to latest from Manoj (1.22).

5. http://pearls.tuxedo-es.org/selinux/ubuntu/logrotate/

Added SELinux support.

6. http://pearls.tuxedo-es.org/selinux/ubuntu/sysvinit/

Fixed revision with latest code from Fedora's patches, originally using
Russell Coker's old patches.

Thanks in advance for the comments, cheers.
-- 
Lorenzo Hernández García-Hierro <lorenzo at gnu.org> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20050326/e96c3400/attachment-0001.pgp

More information about the ubuntu-hardened mailing list