[ubuntu-hardened] SELinux on Karmic?

John Dong jdong at ubuntu.com
Fri Sep 4 17:52:37 BST 2009

Indeed security=selinux worked as expected!

Our selinux-policy-ubuntu still doesn't properly support X/GDM  
sessions right? After enabling selinux I noticed post-login I was in  
some weird system_u context.

Sent from my iPhone

On Sep 3, 2009, at 11:23 AM, Kees Cook <kees at ubuntu.com> wrote:

> Hi,
> On Thu, Sep 03, 2009 at 11:15:00AM -0400, John Dong wrote:
>> SELinux only relies on GRUB for passing in selinux=1 /
>> apparmor.enabled=0, correct?
>> This system is actually upgraded from a stock Jaunty install so it's
>> currently running GRUB1. I see selinux=1 passed into the kernel but  
>> the
>> userland doesn't seem to react; sestatus reports itself as disabled,
>> nothing is mounted at /selinux, etc, which would lead me to suspect
>> something in addition to grub2 being the culprit?
> Actually, in addition to the grub2 stuff, the kernel changed how it  
> does
> LSM selection.  I think it needs to be security=selinux instead of
> selinux=1, but I haven't tested it myself.
> -Kees
> -- 
> Kees Cook
> Ubuntu Security Team
> -- 
> ubuntu-hardened mailing list
> ubuntu-hardened at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened

More information about the ubuntu-hardened mailing list