[ubuntu-hardened] selinux-policy-targeted (1:1.22-2) available

Lorenzo Hernández García-Hierro lorenzo at gnu.org
Sat Mar 26 18:54:32 CST 2005


I'm (very) glad to announce the availability of the first targeted
policy package for Debian and more concretely Ubuntu Linux (this package
is Ubuntu-dependent because of the versions of logrotate, libselinux1,
etc, in which it relies, to be fixed when Debian consolidates userland
for SELinux support and accepts the patches).

The policy source itself has nothing to do Russell Coker's old
selinux-policy-default, but the package is based on his one, this mean,s
same configuration method.Of course it has been updated to complain with
the current Debian Policy (sigh) and some building errors have been
fixed (most notably are related with changes ported out of Fedora's
targeted policy specs).

I encourage all of those interested in SELinux deployment in Ubuntu
Linux (and subsequently, Debian) to check the package, report errors to
this list (we still don't have our bug reporting area like Hardened
Gentoo has within the Gentoo bugzilla, I hope to solve this soon with
the Ubuntu folks) or directly to me, make suggestions, send patches...

The http://www.ubuntulinux.org/wiki/SELinux wiki page has been updated
to reflect the changes.
The current percentage of work done amounts to 75%, if talking in basic
deployment terms, but we could talk about a percentage of 87.5% as
coreutils just need a fixed (and updated) Linux-PAM [1], among a few
fixes, currently available and provided with SELinux support, but has to
be reviewed by a Debian developer or an Ubuntu maintainer.

dpkg is left, thus, the targeted policy package still installs the
suboptimal selinux dpkg postinst script, being replace by Manoj's
changes when I get the clean diff for dpkg from him.

Among that, the configuration method needs to be reworked and I would
like to know who could take care of it, as I wouldn't have time for it.

Package available at:


Lorenzo Hernández García-Hierro <lorenzo at gnu.org> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20050327/c8b695fe/attachment.pgp

More information about the ubuntu-hardened mailing list