| View previous topic :: View next topic |
| Author |
Message |
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
 Posted: Sun Nov 05, 2006 5:35 pm Post subject: Selinux installation |
 |
|
Hello, I tryed to install SElinux, following the handbook. I have some questions about this handbook:
Which is the SELinux profile for gentoo 2006.1 ? in the handbook they say to link to the profile /usr/portage/profiles/selinux/2005.1/x86 which is a 2005 profile.
When the hardened sources is installed, do we have to change the link of /usr/src/linux to take the hardened sources when recompiling the kernel ? |
|
| Back to top |
|
 |
nixnut
Bodhisattva
Joined: 09 Apr 2004
Posts: 10974
Location: the dutch mountains
|
| Posted: Sun Nov 05, 2006 5:37 pm Post subject: |
|
|
The 2006.1 selinux profile is for the new reference policy. But you can't use that profile yet if you want to harden your system with pie/ssp. The new profile needs gcc-4.1 and glibc-2.4
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered
talk is cheap. supply exceeds demand |
|
| Back to top |
|
|
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
| Posted: Sun Nov 05, 2006 5:41 pm Post subject: |
|
|
| so for the moment I have to use the 2005 profile? (Sorry but I m trying to install SElinux since some days and I ll try to do a full reinstall, so I want to be sure that it will work!!) |
|
| Back to top |
|
|
nixnut
Bodhisattva
Joined: 09 Apr 2004
Posts: 10974
Location: the dutch mountains
|
| Posted: Sun Nov 05, 2006 6:23 pm Post subject: |
|
|
Yeah, best to stick with the 2005.1 profile for now. That way you can follow the guide.
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered
talk is cheap. supply exceeds demand |
|
| Back to top |
|
|
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
| Posted: Mon Nov 13, 2006 8:27 pm Post subject: |
|
|
So, I tried to do a clean install of gentoo, then SELinux, following the handbook but I still have an issue, when I execute the sestatus command, I get the following error:
| Code: | SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: error (No such file or directory)
Policy version: 20
Policy from config file: security |
But the selinux-base-policy is installed | Code: | | ([ebuild R ] sec-policy/selinux-base-policy-20051022-r1 USE="-build" 0 kB) |
The directory /etc/selinux is missing in my installation. I don't understand what I did wrong. Could anybody give me a clue about this problem, I m really anoyed about this.
And I can't emerge pam, I get an error.
my kernel version is 2.6.17-hardened-r1, and it is pam-0.78-r3 that doesn't emerge
Thanks
Last edited by flipper203 on Tue Nov 14, 2006 8:50 pm; edited 1 time in total |
|
| Back to top |
|
|
flipper203
n00b
Joined: 07 Aug 2005
Posts: 32
Location: Paris
|
| Posted: Tue Nov 14, 2006 8:48 pm Post subject: |
|
|
| up, nobody has any clue for me? |
|
| Back to top |
|
|
ovaron_gen
n00b
Joined: 06 Aug 2006
Posts: 4
|
| Posted: Sun Nov 19, 2006 12:44 am Post subject: |
|
|
| flipper203 wrote: | | up, nobody has any clue for me? |
i dont think the "Mode from config file: error (No such file or directory) " is a problem. |
|
| Back to top |
|
|
nixnut
Bodhisattva
Joined: 09 Apr 2004
Posts: 10974
Location: the dutch mountains
|
| Posted: Sun Nov 19, 2006 2:11 pm Post subject: |
|
|
Try asking on the gentoo-hardened mailling list or on irc in #gentoo-hardened on the freenode network
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered
talk is cheap. supply exceeds demand |
|
| Back to top |
|
|
|
Installing Gentoo
