Is SELinux available for Ubuntu ?

Bruno Costacurta pubmb01 at skynet.be
Mon Feb 12 17:13:17 UTC 2007 

On Monday 12 February 2007 16:20, Joel Bryan Juliano wrote:
> On 2/12/07, Bruno Costacurta <pubmb01 at skynet.be> wrote:
> > Hello,
> >
> > is SELinux available for Ubuntu ?
> > Are there some packages ? Which ?
> >
> > Apparently package 'selinux-policy-default' is broken...
>
> Yes, it's available in Ubuntu, but currently the targeted policy only
> works well on "permissive" mode. I think enforcing policy will work if
> there's a custom policy, specifically for Ubuntu.
>
> you would have to install the specific policy, since
> selinux-policy-default is a metapackage of selinux-basics and
> selinux-policy-targeted.
>
> Then relabel the system (i.e $ relabel /, or touch /.autorelabel and
> reboot)
>
> BTW, some say permissive mode does not do something on the system. I
> tried installing beagle with permissive mode, and it failed, since
> chage is disallowed to change user priorities.
>
> Another is try running X on a chroot environment, (LiveCD with $ cd
> dev && MAKEDEV generic), and the themes doesn't apply.
>
> I think permissive mode does have effects.
>
> > .
> > sudo apt-get install selinux-policy-default
> > Reading package lists... Done
> > Building dependency tree
> > Reading state information... Done
> > The following NEW packages will be installed:
> > selinux-policy-default
> > ...etc...
> >  /usr/sbin/load_policy:  Can't load policy:  No such file or directory
> > make: *** [tmp/load] Error 2
> > .
> >
> > Many thanks for any clue.
> > Bye,
> > Bruno
> >
> > --
> > ubuntu-users mailing list
> > ubuntu-users at lists.ubuntu.com
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
> --
> Carpe Diem

I installed package 'selinux-basics', make relabel and add selinux=1 as a 
kernel parameter in the grub boot and reboot. 
However getenforce allways return disabled.
How to enabled SElinux in permissive mode ?

Note : I have the feeling that SELinux is not started :  touch /.autorelabel 
is not working as file strangely remains in place after reboot. 

Thanks,
Bruno

More information about the ubuntu-users mailing list