[DSE-Dev] Bug#795505: selinux-basics: reccommends a non-existant package
Richard Jasmin
frazzledjazz at gmail.com
Fri Aug 14 19:24:40 UTC 2015
Package: selinux-basics
Version: 0.5.2
Severity: grave
Tags: security
Justification: renders package unusable
Either instructions for setting up SELinux(enabled by default on Fedora) are
wrong and need to be changed or selinux-policy-default package needs to be
built for debian as a whole. Seems no distro has this package according to a
web package search but setting up SELinux seems to depend on it.
Did the policies get put into another package? They are pretty much required to
setup SELinux.
Tomoyo and apparmor may work as alternates but the reccommended course of
action is SELinux.It is also more common method. There is also no reason to not
have it installed and basic config setup by default(either on install media or
live media). Ignore this hardening reccomendation at your own peril.
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.0.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages selinux-basics depends on:
ii checkpolicy 2.3-1
ii policycoreutils 2.3-1
pn python:any <none>
ii selinux-utils 2.3-2+b1
Versions of packages selinux-basics recommends:
pn selinux-policy-default <none>
ii setools 3.3.8-3.2
Versions of packages selinux-basics suggests:
pn logcheck <none>
pn syslog-summary <none>
-- no debconf information
More information about the SELinux-devel
mailing list