From: Paul Moore
The SELinux code, security/selinux/, already has a MAINTAINERS entry
so exclude it from the security subsystem entry in an effort to better
reflect current practices.
Signed-off-by: Paul Moore
---
MAINTAINERS |1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS
A quick note to let you know that I've rebased selinux/next on top of
v4.18-rc1, and now that merge window is closed I'm going to be working
my way through the patch backlog this week.
You may also notice that there is now a README.md in the
selinux/master branch with some basic information and
> -Original Message-
> From: Stephen Smalley
> Sent: Monday, June 18, 2018 15:28
> To: Mike Hughes ; selinux@tycho.nsa.gov
> Subject: Re: 'setsebool -P' works but throws errors; changes not permanent
>
> On 06/18/2018 03:44 PM, Mike Hughes wrote:
> > We use Yubikey for two-factor ssh
On 06/18/2018 03:44 PM, Mike Hughes wrote:
> We use Yubikey for two-factor ssh authentication which requires enabling a
> Boolean called “authlogin_yubikey”. It has been working fine until a few
> weeks ago. Errors appear when attempting to set the policy:
>
>
>
> --
>
>
On 06/18/2018 03:24 PM, Petr Lautrbach wrote:
> Hello,
>
> libselinux sets selinut_mnt and has_selinux_config only in its constructor and
> is_selinux_enabled() and others just use selinux_mnt to check if SELinux is
> enabled. But it doesn't work correctly when you use chroot() to a directory
>
We use Yubikey for two-factor ssh authentication which requires enabling a
Boolean called "authlogin_yubikey". It has been working fine until a few weeks
ago. Errors appear when attempting to set the policy:
--
[Cent-7:root@my_server home]# getsebool authlogin_yubikey
authlogin_yubikey --> off
Hello,
libselinux sets selinut_mnt and has_selinux_config only in its constructor and
is_selinux_enabled() and others just use selinux_mnt to check if SELinux is
enabled. But it doesn't work correctly when you use chroot() to a directory
without /proc
and /sys/fs/selinux mounted as it was
semanage_seuser_modify_local and semanage_seuser_del_local already do
the logging.
Moreover, semanage log for loginRecords.__add was flawed since it
reported old-{seuser,role,range} of default user instead of None. This
was caused by selinux.getseuserbyname, which returns values for default
user
Hello,
With the current refpolicy when running sepolgen-ifgen I get the
following (fatal) error:
/usr/share/selinux/refpolicy/include/support/obj_perm_sets.spt: Syntax error on
line 157 ` [type=TICK]
error parsing headers
error parsing file