[ubuntu-hardened] unconfined versus SE module in Ubuntu Jaunty: SELinux

Scott Smyth ssmyth at sapereconsulting.com
Tue Apr 28 18:57:38 BST 2009


I am new to Ubuntu Jaunty and selinux-policy-ubuntu but 
definitely not new to Linux.  I was surprised
to find that a module I had setup in Fedora Core did
not work with the loaded module compiled under Jaunty
selinux-policy-ubuntu set to "ubuntu".  Instead of
using my SE module, the program defaulted to "unconfined"
and "chkpwd_t" rather than "lld2d_t" type.

OS: ubuntu Jaunty 9.04 server x86
selinux-policy-ubuntu (0.2.20090324-0ubuntu2)

Is there a step I am missing for Jaunty that will enable
my module successfully?  It is loaded according to "semodule -l".

The program is the L2 mapping daemon from Microsoft, lld2d.

unconfined_u:system_r:chkpwd_t:s0-s0:c0.c255 root 4389 0.0  0.0 1884 324 ?     S    10:55   0:00 /usr/sbin/lld2d eth0


More information about the ubuntu-hardened mailing list