[ubuntu-hardened] Correctly Enabling SELinux on Intrepid
ledefi.88 at googlemail.com
Mon Dec 29 22:08:36 GMT 2008
Thanks for that. I'd come to the conclusion that the policy was the issue...
Selinux is working, it's just configured in such a way that when enforced
the policy starts denying me access to... everything, which is a policy
issue as far as I understand it. I did briefly look at the reference policy
and built it from source but don't have the time to play around until I have
something usable (some things are still denied e.g. cryptsetup mounting
That's not the first time I've been told to install Fedora for selinux so
have gone ahead and done so.
2008/12/25 Aaron Toponce <atoponce at ubuntu.com>
> ledefi.88 wrote:
> > So, how do I get to the point where I have a policy running in enforcing
> > mode on my system? I can clearly get selinux working... but the policy
> > being used seems to be the problem.
> SELinux is massively and horribly broken on Ubuntu 8.10. I've spent
> countless hours trying to get it to work, all wasted. If you must run
> SELinux, I'd install Fedora, as the Targeted policy is written by Red
> Hat employees, and Just Works on Red Hat based distros. For Ubuntu, I'd
> run and learn AppArmor until SELinux gets fixed.
> Just my two cents.
> ,-O Aaron Toponce
> O } Ubuntu Member
> `-O http://www.ubuntu.com
> ubuntu-hardened mailing list
> ubuntu-hardened at lists.ubuntu.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-hardened