Stuff V

  • I have started looking into SELinux on Debian recently. SELinux provides mandatory access control for Linux, which gives you great control over which process may do what with which files, other processes, network connections etc. I've still got a lot to learn and read (more posts will probably follow), but if you're inclined to try it yourself here are a few tips:
    • First, read the SELinux and especially the SELinuxSetup pages in the Debian wiki. Also checkout the SELinuxStatus page.
    • There are currently a few bugs I noticed, which cause some trouble: bug #369852 prevents a correct install of the selinux-policy-default package, but the work-around mentioned in the bug report works fine. I reported bug #372543 yesterday, but there's an easy work-around for that, too.
    • I had to change "SELINUX=enforcing" to "SELINUX=permissive" in /etc/selinux/config (at least for now), otherwise my system won't boot up anymore because of SELinux denied permissions (I think). I'm pretty sure this is either a bug or me doing something wrong, but I haven't figured out yet what that is.
  • Robert Nunnally (a.k.a Gurdonark) has created a photo collage video (YouTube, requires Flash) for Marco Raaphorst's "Blowing Snow" song. He used some of the Creative Commons licensed photos from my photoblog for the video.
  • Wow! Today the number of people subscribed to my music podcast (via RSS) exceeded 200 for the first time! Thanks everyone for listening!
  • GNU/Hurd 1.0.0 has been released. Finally! And they've built it on top of an interesting "middleware"...

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Please test the new policy

Hi,
please test the new policy packages just added to unstable (see my blog posting on them).
The old policy is no longer maintained upstream.

Refpolicy

Will do, thanks. The wiki needs some updating, too, still talks about selinux-policy-default...

Cheers, Uwe.