Re: SELinux, libvirt, and passt

outbound port (not just 80). Antonio On 10/22/24 07:30, Antonio Russo wrote: Hello! I'm trying to use selinux in enforcing mode ON THE HOST while using passt for networking.  I'm using Debian sid, kvm, and qemu on the SYSTEM bus (I could not make any progress using the session bus).

SELinux, libvirt, and passt

Hello! I'm trying to use selinux in enforcing mode ON THE HOST while using passt for networking. I'm using Debian sid, kvm, and qemu on the SYSTEM bus (I could not make any progress using the session bus). What I'm running into is that `apt update` in the guest does not connec

Re: SeLinux

On 28/7/24 06:45, Greg Wooledge wrote: On Sat, Jul 27, 2024 at 22:40:10 +, Andy Smith wrote: Hi, On Sun, Jul 28, 2024 at 06:30:50AM +0800, cor...@free.fr wrote: Is selinux necessary in a production environment? "Will my door still function as a door if it has no lock on it?&qu

Re: SeLinux

On Sat, Jul 27, 2024 at 22:40:10 +, Andy Smith wrote: > Hi, > > On Sun, Jul 28, 2024 at 06:30:50AM +0800, cor...@free.fr wrote: > > Is selinux necessary in a production environment? > > "Will my door still function as a door if it has no lock on it?" More li

Re: SeLinux

On 28/7/24 06:30, cor...@free.fr wrote: Hello I have checked this doc, https://wiki.debian.org/SELinux/Setup Is selinux necessary in a production environment? Will it affect running services such as web, database, mail, etc., causing potential problems? Thanks. I have set it up

Re: SeLinux

Hi, On Sun, Jul 28, 2024 at 06:30:50AM +0800, cor...@free.fr wrote: > Is selinux necessary in a production environment? "Will my door still function as a door if it has no lock on it?" > Will it affect running services such as web, database, mail, etc., > causing potential

SeLinux

Hello I have checked this doc, https://wiki.debian.org/SELinux/Setup Is selinux necessary in a production environment? Will it affect running services such as web, database, mail, etc., causing potential problems? Thanks. -- corey hickman

Re: selinux on bookworm

Everyone, First of all thanks for the input. Unfortunately, I have to apologize, because the actual problem was somewhat silly: selinux appears to be preventing only *root* login at the tty, which I neglected to mention. (Also, I neglected to check until now). Regular user logins are fine

Re: selinux on bookworm

On 5/17/24 02:02, George at Clug wrote: Is AppArmor already installed and running?  It is on my system, maybe this would conflict with SeLinux? # aa-status https://wiki.debian.org/AppArmor/HowToUse Disable AppArmor AppArmor is a security mechanism and disabling it is not

Re: selinux on bookworm

As you found out yourself, by default it's installed and running. And it's quite likely they would interfere. Still, the question remains. Why do you need SELinux? Do you have an actual need for it? If not, go with what's already there. This will be much easier to set up and handl

Re: selinux on bookworm

Is there a specific reason why you want to use SELinux? AppArmor is already there and much easier to configure. SELinux usually causes more issues than AppArmor too as it's not as granular, especially on distros not made specifically for it, at least in my experience. And on Debian, some

Re: selinux on bookworm

Is AppArmor already installed and running?  It is on my system, maybe this would conflict with SeLinux? # aa-status https://wiki.debian.org/AppArmor/HowToUse DISABLE APPARMOR AppArmor is a security mechanism and disabling it is not recommended. If you really need to disable AppArmor on your

selinux on bookworm

Hello, I'm trying to get selinux working on a fresh, gui-free installation of bookworm. I'm not trying to run any servers, nor use standard desktop utilities (yet). I was hoping this setup would be simple enough that selinux would be simple to get going. I'm following [1]

Re: selinux causing problems

On Tue, 2023-10-31 at 18:36 +1300, Alex King wrote: > Now it seems that selinux is active again, and even when I try to set > selinux=0 to disable it, it is still running and spamming the logs with > messages like > > logrotate.service: Failed to read SELinux context of > &#

selinux causing problems

Does anyone know how to disable selinux? I had selinux installed on this system a long time ago. Recently I believe apparmor was active (and therefore selinux not active). Today I upgraded to Debian 12. apparmor was preventing named (bind9) from running; whatever I did, it was denying

Re: mailx and selinux not co-operating

For future reference There is another package mailutils which also provides /usr/bin/mail. This is working fine with selinux in enforcing mode. This is a good alternative On Mon, Aug 21, 2023 at 2:56 AM Bhasker C V wrote: > Thanks Nicholas > However, it doesnt to my knowledge looks l

Re: mailx and selinux not co-operating

Thanks Nicholas However, it doesnt to my knowledge looks like an issue with mailx or sendmail (I use exim4). The reason i derive at at is because the whole thing works the moment i disable selinux. What i wonder is why selinux is not complaining about the failure ? No logs whatsoever ... On Mon

Re: mailx and selinux not co-operating

found > in headers > Can't send mail: sendmail process failed with error code 1 > ``` > however the same works fine when I put selinux in permissive state (no > warnings shown in audit/dmesg) > Is it easy for you to get the headers that cause Sendmail to say "no reci

mailx and selinux not co-operating

ode 1 ``` however the same works fine when I put selinux in permissive state (no warnings shown in audit/dmesg) A quick ltrace says ``` 1qXia0-000BPb-0a Failed to create spool file /var/spool/exim4//input//1qXia0-000BPb-0a-D: Permission denied ``` However there are no avc: messages for me to allow

Re: selinux and debian squeeze 9.5

> > squeeze! > > Speaking of obvious — the OP says 9.5, so presumably they _meant_ to say > Stretch — no? It does not say "9.5" anywhere in the original post. It does, however, say 9.5 in the Subject header. Unfortunately, we have a divide here. Newbies think that putting information in the Sub

correction, stretch 9.5 Re: selinux and debian squeeze 9.5

On 11/3/18 7:45 PM, Mark Fletcher wrote: > > squeeze! You could be very lucky and someone with the same outdated, > no longer supported distribution and experiencing the same problem > comes along. I wouldn't count on it though. > > > Any suggestions? > > The obvious. > > > Spe

Re: selinux and debian squeeze 9.5

> squeeze! You could be very lucky and someone with the same outdated, > no longer supported distribution and experiencing the same problem > comes along. I wouldn't count on it though. > > > Any suggestions? > > The obvious. > Speaking of obvious — the OP says 9.5, so presumably they _meant_ to s

Re: selinux and debian squeeze 9.5

On Sat 03 Nov 2018 at 18:04:49 -0400, John Jasen wrote: > For some reason, my attempts at enabling SELinux on a squeeze system > just aren't taking. > > As I understand it, the following steps are required: > > a) installing selinux-policy-default and dependencies >

selinux and debian squeeze 9.5

For some reason, my attempts at enabling SELinux on a squeeze system just aren't taking. As I understand it, the following steps are required: a) installing selinux-policy-default and dependencies b) editing /etc/selinux/config to select default policy and permissive or enforcing. c) a

selinux and debian squeeze 9.5

For some reason, my attempts at enabling SELinux on a squeeze system just aren't taking. As I understand it, the following steps are required: a) installing selinux-policy-default and dependencies b) editing /etc/selinux/config to select default policy and permissive or enforcing. c) a

Re: Debian Stretch SELinux enforcing causes systemd --user unit to fail

>C J du Preez wrote: > >>Good day, >> > Hi, > >>I would like to report a bug, but I am not sure which package to report it >>against. >>I have SELinux enabled and enforcing on Debian Stretch (commandline via SSH >>only, no GUI is installed at

Re: Debian Stretch SELinux enforcing causes systemd --user unit to fail

C J du Preez wrote: Good day, Hi, I would like to report a bug, but I am not sure which package to report it against. I have SELinux enabled and enforcing on Debian Stretch (commandline via SSH only, no GUI is installed at all). I am trying to start a systemd --user unit (which I know

Debian Stretch SELinux enforcing causes systemd --user unit to fail

Good day, I would like to report a bug, but I am not sure which package to report it against. I have SELinux enabled and enforcing on Debian Stretch (commandline via SSH only, no GUI is installed at all). I am trying to start a systemd --user unit (which I know is correct, because it works

selinux in debian 9

Hello, I am trying to set up selinux on my laptop with a fresh installation of debian 9.1, and I have big troubles to make it boot. I think that I did everything according to the wiki page https://wiki.debian.org/SELinux/Setup - installed the packages: i selinux-basics

Re: jessie selinux reference policy package missing

Am 09.05.2015 um 01:32 schrieb Dan Ritter: > https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=selinux-policy-default;dist=unstable > > See the bugs marked Grave, Serious, and indeed most of the > Important and some of the Unclassified bugs. > > It may be that someone will som

Re: jessie selinux reference policy package missing

On Fri, May 08, 2015 at 04:18:30PM -0500, Spencer Minear wrote: > I installed the new Jessie version of debian on a VirtualBox system, and > had no problems with the installation. Because I wanted to do work with > the SELinux policy I wanted to first make sure that the system would run

jessie selinux reference policy package missing

I installed the new Jessie version of debian on a VirtualBox system, and had no problems with the installation. Because I wanted to do work with the SELinux policy I wanted to first make sure that the system would run with SE Linux to provide a platform on which to experiment with the policy. I

Re: SELinux policy for Jessie?

On Monday 27 April 2015 15:01:21 Ian Pilcher wrote: > On 04/26/2015 08:46 PM, Ric Moore wrote: > > On 04/26/2015 07:23 PM, Ian Pilcher wrote: > >> As part of my CentOS-to-Debian visionquest, I'm trying to enable SELinux > >> on Jessie, but I haven't been able

Re: SELinux policy for Jessie?

Am 2015-04-27 01:23, schrieb Ian Pilcher: As part of my CentOS-to-Debian visionquest, I'm trying to enable SELinux on Jessie, but I haven't been able to install the policy: E: Package 'selinux-policy-default' has no installation candidate Does it simply not exist yet?

Re: SELinux policy for Jessie?

On 04/26/2015 08:46 PM, Ric Moore wrote: On 04/26/2015 07:23 PM, Ian Pilcher wrote: As part of my CentOS-to-Debian visionquest, I'm trying to enable SELinux on Jessie, but I haven't been able to install the policy: E: Package 'selinux-policy-default' has no installatio

Re: SELinux policy for Jessie?

On 04/26/2015 07:23 PM, Ian Pilcher wrote: As part of my CentOS-to-Debian visionquest, I'm trying to enable SELinux on Jessie, but I haven't been able to install the policy: E: Package 'selinux-policy-default' has no installation candidate Does it simply not exist yet?

SELinux policy for Jessie?

As part of my CentOS-to-Debian visionquest, I'm trying to enable SELinux on Jessie, but I haven't been able to install the policy: E: Package 'selinux-policy-default' has no installation candidate Does it simply no

Strange errors from SELinux when long listing directory (ls -l)

After I issue command "ls -l" in terminal, as normal user, one or more of this messages appear in syslog: mcstransd: Failed to get context of client process (pid=5390) mcstransd: Servicing of request failed for fd (5) When issue as root, nothing is logged. I notice nothing else related with this

SELinux and awstats.pl

Hi, after installing and enabling SELinux awstats always report this error: Error: AWStats database directory defined in config file by 'DirData' parameter (/var/lib/awstats) does not exist or is not writable. By disabling SELinux using `setenforce 0` awstats "works" again

Re: problem with selinux and Iceweaseal

On Thursday 14 November 2013 02:38 AM, i...@thepostglobal.com wrote: Hi everyone, I have a problem with selinux and Iceweaseal. I install a fresh debian wheezy amd64 on my machine, and then selinux. If I set selinux enforce to " 1 " from " 0 " icewaesel don't start a

Selinux enforce + iceweasel

Hello, I have a problem with selinux and Iceweaseal I install a fresh debian wheezy amd64 on my machine, and then selinux. If I set selinux enforce to " 1 " from " 0 " icewaesel don't start anymore. I don't make any change in iceweasel, no plugin, no flash.

problem with selinux and Iceweaseal

Hi everyone, I have a problem with selinux and Iceweaseal. I install a fresh debian wheezy amd64 on my machine, and then selinux. If I set selinux enforce to " 1 " from " 0 " icewaesel don't start anymore. I don't make any change in iceweasel, no plugin, no

Starting with SElinux

Followed instructions on Debian SElinux WIKI. sudo selinux-activate, says OK, may need to reboot. Reboot, nothing special -- expected file coding and another reboot. check-selinux-installation, no selinux, no /selinux, nada. I am NOT using grub and had to place a dummy update-grub script to

SELinux

Hi all, What is the current state of SELinux in debian? The page about it in the Wiki seems a bit out of date. Thanks :) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Arc

Re: AppArmor or SELinux?

On Sun, Jun 17, 2012 at 8:43 PM, Ralf Mardorf wrote: > On Sun, 2012-06-17 at 15:41 -0400, Tom H wrote: >> On Sun, Jun 17, 2012 at 12:52 PM, Ralf Mardorf >> wrote: >>> On Sun, 2012-06-17 at 18:45 +0200, Claudius Hubig wrote: AppArmor doesn’t add a single thread to a running Linux system.

Re: AppArmor or SELinux?

On Sun, Jun 17, 2012 at 8:37 PM, Ralf Mardorf wrote: > On Sun, 2012-06-17 at 15:30 -0400, Tom H wrote: >>> >>> Yes, but it's part of the paranoia ;) and comes withs tons of threads, >>> on Ubuntu Precise: >>> >>> spinymouse@precise:~$ ps -eLf|grep console-kit-daemon|wc -l >>> 66 >> >> It's an old

Re: AppArmor or SELinux?

Hello ~Stack~, ~Stack~ wrote: > We are using it for specific services but I don't see why it would be any > different setting up pidgin or opera. I have only deployed SELinux to a > single Debian system and that was under Lenny. I don't recall it being > problematic or anyt

Re: AppArmor or SELinux?

Hello Claudius, I don't have a ton of experience with SELinux on Debian. However, a specific work project requires a deployment of Red Hat systems all with SELinux and I have been very impressed with how easy it is to setup and administer. I have been impressed for a while now, actually. W

Re: AppArmor or SELinux?

On Sun, 2012-06-17 at 15:41 -0400, Tom H wrote: > On Sun, Jun 17, 2012 at 12:52 PM, Ralf Mardorf > wrote: > > On Sun, 2012-06-17 at 18:45 +0200, Claudius Hubig wrote: > >> > >> AppArmor doesn’t add a single thread to a running Linux system. > > > > So it's a voodoo-ghost and doesn't need resources

Re: AppArmor or SELinux?

On Sun, 2012-06-17 at 15:30 -0400, Tom H wrote: > > Yes, but it's part of the paranoia ;) and comes withs tons of threads, > > on Ubuntu Precise: > > > > spinymouse@precise:~$ ps -eLf|grep console-kit-daemon|wc -l > > 66 > > It's an old bug/feature: > > https://bugs.freedesktop.org/show_bug.cgi?i

Re: AppArmor or SELinux?

On Sun, Jun 17, 2012 at 12:52 PM, Ralf Mardorf wrote: > On Sun, 2012-06-17 at 18:45 +0200, Claudius Hubig wrote: >> >> AppArmor doesn’t add a single thread to a running Linux system. > > So it's a voodoo-ghost and doesn't need resources? If you think that it's using a thread, please show it! (I

Re: AppArmor or SELinux?

Hello Ralf, Ralf Mardorf wrote: > On Sun, 2012-06-17 at 18:45 +0200, Claudius Hubig wrote: > > AppArmor doesn’t add a single thread to a running Linux system. > > So it's a voodoo-ghost and doesn't need resources? It runs directly in the kernel, where any access control obviously should take pl

Re: AppArmor or SELinux?

On Sun, Jun 17, 2012 at 12:45 PM, Ralf Mardorf wrote: > On Sun, 2012-06-17 at 17:38 +0100, Brian wrote: >> On Sun 17 Jun 2012 at 18:00:25 +0200, Ralf Mardorf wrote: >>> >>> Joe and Sam (most wanted spammers on this list) never ever will have >>> impact to your Linux ;). Forget AppArmor! Read about

Re: AppArmor or SELinux?

On Sun, 17 Jun 2012 18:41:22 +0200, Claudius Hubig wrote: > Camaleón wrote: >> On Sun, 17 Jun 2012 13:14:03 +0200, Claudius Hubig wrote: And I share >> the same feeling for SELinux, I mean, a tool that can be very helpful >> when it is properly configured and yo

Re: AppArmor or SELinux?

PS: Regarding to ConsoleKit, POSIX threads? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1339953435.2074.65.camel@precise

Re: AppArmor or SELinux?

On Sun, 2012-06-17 at 18:45 +0200, Claudius Hubig wrote: > AppArmor doesn’t add a single thread to a running Linux system. So it's a voodoo-ghost and doesn't need resources? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listm

Re: AppArmor or SELinux?

On Sun, 2012-06-17 at 17:38 +0100, Brian wrote: > On Sun 17 Jun 2012 at 18:00:25 +0200, Ralf Mardorf wrote: > > [Snip] > > > Joe and Sam (most wanted spammers on this list) never ever will have > > impact to your Linux ;). Forget AppArmor! Read about ConsoleKit and > > other "security helpers", w

Re: AppArmor or SELinux?

am (most wanted spammers on this list) never ever will have > impact to your Linux ;). So what? I don’t plan to use AppArmor/SELinux as a spam filter, I don’t think you read my original email. > Forget AppArmor! Read about ConsoleKit and > other "security helpers", we alre

Re: AppArmor or SELinux?

Hello Camaleón, Camaleón wrote: > On Sun, 17 Jun 2012 13:14:03 +0200, Claudius Hubig wrote: > And I share the same feeling for SELinux, I mean, a tool that can be very > helpful when it is properly configured and you know well about its > possibilities but its setting up is not w

Re: AppArmor or SELinux?

On Sun 17 Jun 2012 at 18:00:25 +0200, Ralf Mardorf wrote: [Snip] > Joe and Sam (most wanted spammers on this list) never ever will have > impact to your Linux ;). Forget AppArmor! Read about ConsoleKit and > other "security helpers", we already run much to much threads, when > running Linux. Con

Re: AppArmor or SELinux?

Hahaha :D women are more careful then men are. Perhaps Camaleón (as I) does know Suse ;). And IIRC Suse first ships with AppAmor. Sorry, who exactly plans a conspiracy? Regarding to the answer AppArmor might be helpful, if not, it just spam shutdown messages with crap, as it does for my self-bui

Re: AppArmor or SELinux?

sle for a little gain. And I share the same feeling for SELinux, I mean, a tool that can be very helpful when it is properly configured and you know well about its possibilities but its setting up is not what we would consider a child game. > However, I just noticed that there don’t appear A

Re: AppArmor or SELinux?

AFAIK openSUSE and Ubuntu by default do ship with AppArmor. Dunno why our Linux installs get spammed with all that crap, such as AppArmor, ConsoleKit etc.. Reminds me to remove AppArmor from my latest Ubuntu Studio. In cases of paranoia I recommend to consult a shrink instead of installing AppAr

AppArmor or SELinux?

, Iceweasel and Skype[1,2]. However, I just noticed that there don’t appear AppArmor profiles to be around for Kernel 3.3 or 3.4, and, aside from that, only Ubuntu appears to use it, while SELinux is much more common. A bit more reading in the Debian Handbook then illustrated that SELinux is

Re: SELinux help

n Tue, Apr 17, 2012 at 7:22 PM, ss11223 wrote: > Is there a forum for Debian SELinux help. I am trying to set up > a server, but with SELinux enabled some functions are subtlety > broken and it looks like some rules need tweaking. > > Stuart > > > -- > To UNSUBS

SELinux help

Is there a forum for Debian SELinux help. I am trying to set up a server, but with SELinux enabled some functions are subtlety broken and it looks like some rules need tweaking. Stuart -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe"

Re: Selinux on a Squeeze Desktop

--- On Tue, 3/15/11, Josep M. Gasso wrote: > Hello Patrick. > > Thanks for Your answers, the only doubts that I have now > with selinux > are: > > System update with "aptitude safe-upgrade" and "aptitude > full-upgrade" > did You give any proble

Re: Selinux on a Squeeze Desktop

Hello Shawn Thanks for Your answers,I installed selinux on a virtual machine, and ok for first steps...but not with all apps that I have installed in my host. The only doubts that I have now with selinux are: System update with "aptitude safe-upgrade" and "aptitude full-upgrad

Re: Selinux on a Squeeze Desktop

Hello Patrick. Thanks for Your answers, the only doubts that I have now with selinux are: System update with "aptitude safe-upgrade" and "aptitude full-upgrade" did You give any problems? About backups, the only tool for backups is "star", seems that are not incl

Re: Selinux on a Squeeze Desktop

On Sun, Mar 13, 2011 at 12:00 PM, Josep M. Gasso wrote: > Hello. > > I would like ask if someone have in his home a Desktop/Server machine > what runs selinux, my Debian Squeeze machine is always on and is a > mailserver too. > > So, I would like if there is any desktop probl

Re: Selinux on a Squeeze Desktop

--- On Sun, 3/13/11, Josep M. Gasso wrote: > I would like ask if someone have in his home a > Desktop/Server machine > what runs selinux, my Debian Squeeze machine is always on > and is a > mailserver too. I run Fedora. (And have since FC3.) SELinux is installed by default. I

Selinux on a Squeeze Desktop

Hello. I would like ask if someone have in his home a Desktop/Server machine what runs selinux, my Debian Squeeze machine is always on and is a mailserver too. So, I would like if there is any desktop problems with selinux, and if speed is also affected. Any advice will be appreciated, I plan

[SELinux] Wildcard for object classes?

Hi, I posted this to linux.debian.security but didn't get any reply. Maybe someone can help me out here. I just started looking into SELinux. I am wondering if there is a way to have wildcards in avc rules like: auditallow source_t target_t : * * ; which audits all access

mysql_upgrade selinux problem

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Group, I am seeing the errors (warning since I am on permissive mode) bellow for mysql_upgrade after I enabled selinux. Linux lrfurtado 2.6.26-2-xen-686 #1 SMP Thu Nov 25 02:32:31 UTC 2010 i686 GNU/Linux cat /etc/debian_version 5.0.7 SELinux

Re: what to use besides selinux?

IDS...? What are your requirements (server, home, >> workstation usage)? > just a normal desktop. [no server function on it]. on a plain notebook. Then no need to worry about security. Well, _yes_, but no need to be "paranoid" and installing and configuring SELinux for a desktop

Re: what to use besides selinux?

just a normal desktop. [no server function on it]. on a plain notebook. On 21 November 2010 14:23, Camaleón wrote: > On Sun, 21 Nov 2010 11:27:09 +0100, Arthur Bela wrote: > >> I >> >> apt-get install selinux >> >> Ok. Reboot. So I'm better pro

Re: what to use besides selinux?

On Sun, 21 Nov 2010 11:27:09 +0100, Arthur Bela wrote: > I > > apt-get install selinux > > Ok. Reboot. So I'm better protected now, or i have to set a few things? Congrats. Now your "odessy" starts by here :-P http://wiki.debian.org/SELinux > I read that seli

Re: what to use besides selinux?

Dne, 21. 11. 2010 11:27:09 je Arthur Bela napisal(a): I apt-get install selinux Ok. Reboot. So I'm better protected now, or i have to set a few things? I read that selinux is good for post-exploitation situations. What do i have to google to search for solutions protecting me &q

what to use besides selinux?

I apt-get install selinux Ok. Reboot. So I'm better protected now, or i have to set a few things? I read that selinux is good for post-exploitation situations. What do i have to google to search for solutions protecting me "before-exploitations"? *exploitations ~ intrusion

selinux question on debian lenny

Hi all, I installed debian lenny with Xfs as it' s filesystem (in raid-1) and went on to install java (openjdk). This system also has a postgresql database server installation. I tried to enable selinux by following the steps on this wiki: http://wiki.debian.org/SELinux/Setup However,

Re: /srv and /selinux

On Sun, 16 Nov 2008 09:13:30 +0100, Sven Joachim wrote: >> I found there are two empty directories in my /, /srv and /selinux. >> What are they for? Who creates/owns them? Is it ok to remove them? Thanks a lot for the comprehensive explanation, Sven. -- Tong (remove underscore

Re: /srv and /selinux

On 2008-11-16 05:33 +0100, T o n g wrote: > Hi, > > I found there are two empty directories in my /, /srv and /selinux. > > What are they for? Who creates/owns them? Is it ok to remove them? , | $ dpkg -S /srv /selinux | dpkg: /srv not found. | libselinux1: /selinux ` /

Re: /srv and /selinux

On Sun, 16 Nov 2008 04:33:09 + (UTC) T o n g <[EMAIL PROTECTED]> wrote: > Hi, > > I found there are two empty directories in my /, /srv and /selinux. > > What are they for? Who creates/owns them? Is it ok to remove them? $ dpkg -S /selinux libselinux1: /selinux

/srv and /selinux

Hi, I found there are two empty directories in my /, /srv and /selinux. What are they for? Who creates/owns them? Is it ok to remove them? thanks -- Tong (remove underscore(s) to reply) http://xpt.sourceforge.net/techdocs/ http://xpt.sourceforge.net/tools/ -- To UNSUBSCRIBE, email to

Re: Basic SELinux Question

* Ron Johnson <[EMAIL PROTECTED]> [2007-06-15 11:33:55 -0500]: > I know that Democrats confuse Reagan and Nixon on a regular basis, but it > actually was Reagan quoting a Russian proverb. > Or, more precisely, Reagan's speechwriters. -- Regards, Klein. A black cat crossing your path signifies

Re: Selinux

; > Hi > > > > > > > > Just thought I would try out selinux, what is the best mailing list to ask > >

Re: Selinux

Hi > > > > Just thought I would try out selinux, what is the best mailing list to ask > >

Re: Selinux

Hi > > > > Just thought I would try out selinux, what is the best mailing list to ask > > questions about this. no need to subscribe to a list, just wait

Re: Selinux

Hi > > > > Just thought I would try out selinux, what is the best mailing list to ask > >

Selinux

thought I would try out selinux, what is the best mailing list to ask questions about this

Re: Penalty of SELinux?

On Thu, Sep 27, 2007 at 07:55:47PM +0200, Michelle Konzack wrote: > Am 2007-09-23 11:14:57, schrieb Douglas A. Tutty: > > On small systems, what about the penalty of just larger binaries? I > > have some older boxes with 16-64 MB ram. > > > > Doug. > - END OF REPLIED MES

Re: Penalty of SELinux?

On Sun, Sep 23, 2007 at 11:13:13AM -0400, Douglas A. Tutty wrote: > Linux's target is the modern desktop and the focus is on keeping up with > new hardware. The BSDs keep the drivers for old hardware but patches > require building and that building relies on gcc which isn't optimized > for use on

Re: Penalty of SELinux?

El jue, 27-09-2007 a las 19:54 +0200, Michelle Konzack escribió: > Am 2007-09-22 11:29:09, schrieb Douglas A. Tutty: > > I run a bunch of old machines. > > > > Now that SELinux is integrated (compiled in) to various pieces of > > Debian, is there a penalt

Re: Penalty of SELinux?

On Sep 27, 2007, at 10:54 AM, Michelle Konzack wrote: Am 2007-09-24 10:01:12, schrieb David Brodbeck: Same basic problem, I think. To apply security patches you have to recompile. To recompile, you have to use GCC, which is a resource hog. You'd get old and die waiting for "make world" to f

Re: Penalty of SELinux?

Michelle Konzack wrote: Am 2007-09-25 03:11:39, schrieb Mike McCarty: It would take more than just kernel, of course. I am investigating LFS. Gentoo seems to have accepted SELinux as well, though since it is a source distro most of the work would be easier in that case, perhaps. And where is

Re: Penalty of SELinux?

Am 2007-09-25 03:11:39, schrieb Mike McCarty: > It would take more than just kernel, of course. I am investigating > LFS. Gentoo seems to have accepted SELinux as well, though since > it is a source distro most of the work would be easier in that > case, perhaps. And where is the

Re: Penalty of SELinux?

Am 2007-09-24 22:16:02, schrieb Mumia W..: > However, the dependency upon SElinux is more recent. There may be time > to remove it before it becomes too entrenched and before its tentacles > probe too deeply into Debian. > > I hope it's not too late. I wish I'd educ

Re: Penalty of SELinux?

Am 2007-09-24 17:26:01, schrieb Ron Johnson: > On 09/24/07 15:46, David Brodbeck wrote: > > But if you're worried that the NSA is targeting you, you've got a lot of > > more serious concerns. Your monitor is radiating signals that can be > > picked up and decoded. > > Even LCD monitors? YES. Ev

Re: Penalty of SELinux?

Hi John and *, Am 2007-09-23 20:08:04, schrieb John Hasler: > consultores writes: > > The real problem with SELinux is that it come from a really well known > > untrusted organization around the globe... > > Has it occurred to you that if NSA wanted to slip a backdoor int

Re: Penalty of SELinux?

Am 2007-09-23 11:14:57, schrieb Douglas A. Tutty: > On small systems, what about the penalty of just larger binaries? I > have some older boxes with 16-64 MB ram. > > Doug. - END OF REPLIED MESSAGE - Look at to get FPM's fo

  1   2   3   >