Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
SELinux targeted policy
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Forum italiano (Italian)
View previous topic :: View next topic  
Author Message
malnati
n00b
n00b


Joined: 08 Nov 2010
Posts: 5

PostPosted: Wed Nov 17, 2010 6:39 pm    Post subject: SELinux targeted policy Reply with quote

C'è nessuno che è riuscito a far funzionare SELinux (targeted policy) in Gentoo? Ho bisogno di un piccolo aiuto...
Sto provando ad utilizzarlo in un sistema Gentoo stage3 nuovo di zecca (kernel 2.6.32-hardened-r9), ho provato tutte le versioni di selinux-base-policy disponibili ma l'operazione di etichettatura del file system fallisce sempre con lo stesso errore: "filespec_add: conflicting specifications for ...".
Code:

# rlpkg -a -r
Relabeling filesystem types: ext2 ext3 jfs xfs
filespec_add:  conflicting specifications for /usr/bin/getconf and /usr/lib/misc/glibc/getconf/POSIX_V6_ILP32_OFFBIG, using system_u:object_r:lib_t.
filespec_eval:  hash table stats: 251923 elements, 63077/65536 buckets used, longest chain length 8
Scanning for shared libraries with text relocations...
0 libraries with text relocations, 0 not relabeled.
Scanning for PIE binaries with text relocations...
0 binaries with text relocations detected.

Code:

# sestatus -v
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

Process contexts:
Current context:                unconfined_u:unconfined_r:unconfined_t
Init context:                   system_u:system_r:init_t
/sbin/agetty                    system_u:system_r:getty_t
/usr/sbin/sshd                  system_u:system_r:sshd_t

File contexts:
Controlling term:               unconfined_u:object_r:user_devpts_t
/sbin/init                      system_u:object_r:init_exec_t
/sbin/agetty                    system_u:object_r:getty_exec_t
/bin/login                      system_u:object_r:login_exec_t
/sbin/rc                        system_u:object_r:initrc_exec_t
/sbin/runscript.sh              system_u:object_r:initrc_exec_t
/usr/sbin/sshd                  system_u:object_r:sshd_exec_t
/sbin/unix_chkpwd               system_u:object_r:chkpwd_exec_t
/etc/passwd                     system_u:object_r:etc_t
/etc/shadow                     system_u:object_r:shadow_t
/bin/sh                         system_u:object_r:bin_t -> system_u:object_r:shell_exec_t
/bin/bash                       system_u:object_r:shell_exec_t
/usr/bin/newrole                system_u:object_r:newrole_exec_t
/lib/libc.so.6                  system_u:object_r:lib_t -> system_u:object_r:lib_t
/lib/ld-linux.so.2              system_u:object_r:lib_t -> system_u:object_r:ld_so_t



Code:

# eselect profile list
Available profile symlink targets:
  [1]   default/linux/x86/10.0
  [2]   default/linux/x86/10.0/desktop
  [3]   default/linux/x86/10.0/desktop/gnome
  [4]   default/linux/x86/10.0/desktop/kde
  [5]   default/linux/x86/10.0/developer
  [6]   default/linux/x86/10.0/server
  [7]   hardened/linux/x86/10.0
  [8]   selinux/2007.0/x86
  [9]   selinux/2007.0/x86/hardened
  [10]  selinux/v2refpolicy/x86
  [11]  selinux/v2refpolicy/x86/desktop
  [12]  selinux/v2refpolicy/x86/developer
  [13]  selinux/v2refpolicy/x86/hardened *
  [14]  selinux/v2refpolicy/x86/server
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Forum italiano (Italian) All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum