[ubuntu-hardened] Setting up SELinux on Ubuntu Gutsy 7.10

आशीष Ashish wahjava.ml at gmail.com
Tue Dec 11 06:44:14 GMT 2007

,--[ On Tuesday 11 Dec 2007, Chad Sellers wrote:


| Right now, you can enable SELinux manually one of two ways. The first is to
| swap out upstart for sysvinit. The second is to install the latest
| policycoreutils from upstream and create an initramfs hook in your initrd
| to call the new load_policy -i. Then you have to modify your grub.conf to
| pass selinux=1 on the kernel command line. You probably also want to
| disable loading of the AppArmor kernel module (as SELinux and AppArmor
| can't both be enabled).

Thanks for all the replies. I'll install SELinux on my box in few days.

| Christer is correct that the other problem is the policy. The current
| policies were written for Debian, and don't entirely work on Ubuntu. So,
| the only way to get SELinux enforcing right now is to do a good bit of
| SELinux policy work yourself. Otherwise you'll have to wait a little bit
| till we get a useable policy.

If possible, I'll try my best to write a policy for Ubuntu.

| Thanks,
| Chad Sellers

Ashish Shukla आशीष शुक्ल                      http://wahjava.wordpress.com/
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20071211/e9337e9d/attachment.pgp 

More information about the ubuntu-hardened mailing list