[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: Question about SELinux userspace library and scripts?
From:       "Justin P. Mattock" <justinmattock () gmail ! com>
Date:       2008-12-24 8:10:49
Message-ID: 4951EE89.2080007 () gmail ! com
[Download RAW message or body]

Atsushi SAKAI wrote:
> Hi,
>
> Thank you for your comments.
>
> I just want to know that
> where is the ALL userland source code?
>
> For example, I thought user-land code is only in userspace library.
> But further investigatin found the code also in refpolicy/support.
>
> I am worrying about other unread code or script exists. 
>
> Thanks
> Atsushi SAKAI
>
>
> "Justin P. Mattock" <justinmattock@gmail.com> wrote:
>
>   
>> Atsushi SAKAI wrote:
>>     
>>> Hi,
>>>
>>> I have a question about user-space library and script.
>>> As far as I know, following 6-library and 1-script are exists.
>>>
>>> Userspace library(6-libs(utils included))
>>>   http://userspace.selinuxproject.org/trac/wiki/Userland
>>>
>>> macro for reference policy(scripts in following dir)
>>>   serefpolicy-3.5.13/support
>>>
>>> Any other library and script exists ?
>>> and 
>>> some explanation about serefpolicy macros?
>>>
>>>
>>> Thanks
>>> Atsushi SAKAI
>>>
>>>
>>>
>>>
>>> --
>>> This message was distributed to subscribers of the selinux mailing list.
>>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>>> the words "unsubscribe selinux" without quotes as the message.
>>>
>>>   
>>>       
>>  From experience with userland
>> just do a git-pull..
>> should give the the proper files
>> except for python-selinux to build a custom policy
>> (as for macros not too sure);
>>
>> regards;
>>
>> Justin P. Mattock
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>> This message was distributed to subscribers of the selinux mailing list.
>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>> the words "unsubscribe selinux" without quotes as the message.
>>     
>
>
>
>   
Using the userland sourcecode is nice
everything is needed to build a policy i.g.
git clone http://oss.tresys.com/git/selinux.git
then after downloading the source, compile
(you will need certain packages; libpam-dev
flex, gawk, libustr-dev, gettext, sysvinit etc..)
then after compiling and installing,
you only need the python-selinux package.
(for the userland libraries and tools to work, and a policy);
then go grab you're policy
then after compiling the policy;
and making /selinux in you're tree,
you should just reboot and the policy should load
{boot params audit=1 selinux=1 enforcing=0/1};
(after loading the policy you should make relabel,
just to be safe); Userland provides all of the essentials
to build a policy.

Then once the policy is running you need to add you're
entry's in /etc/pam.d/* for newrole to work.

If you need help there's plenty of people to help you.
just don't be afraid to ask.

regards;

Justin P. mattock






--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]