[DSE-Dev] Debian refpolicy and core SELinux package update

Václav Ovsík vaclav.ovsik at i.cz
Fri Mar 21 11:52:53 UTC 2008


On Wed, Mar 19, 2008 at 11:01:40PM -0500, Manoj Srivastava wrote:
> Hi,
>         As of this writing, all the core SELinux packages in Debian have
>  been updated to the latest release earlier this month; and thus are
>  fairly up to date.
>         I have also merged SVN HEAD of refpolicy into the Debian
>  package, and thus the refpolicy packages uploaded tonight will have the
>  latest refpolicy changes.
>         I am beginning to come back from a deadline crunch on my day
>  job, and start paying attention to my Debian packages again; so
>  hopefully the state of SELinux in Debian will improve -- at least, I'll
>  try to be more reactive in the future.

Fine to read this. Thanks.

>         anyway, kick the tyres, look at the Debian diffs with regards to
>  the upstream refpolicy.  We should have a dialog about which changes
>  need to be purged, and which should be fed upstream.

I have already some open threads over selinux at tycho.nsa.gov. I hope they
will continue to some final state.
Maybe the discussion about SELinux problems can be managed
on selinux-devel at lists.alioth.debian.org now.
I'm going to post something...

Besides refpolicy, we must consider patching some user tools, so they
work fine with SELinux.  I think we should adopt some patches from
Fedora to vim, coreutils,....  It could be annoying to run restorecon
after every editing of a config file. Also star should be bumped to some
newer version, so we could have at least one tool capable of backup
extended attributes


More information about the SELinux-devel mailing list