Comments on: SELinux on Ubuntu (part 1)

By: linux_user

linux_user — Thu, 07 Jan 2010 02:25:18 +0000

Thanks for this. I too was baffled that everything was running as root:sysadm_r:sysadm_t, until I read the thing about upstart. Makes sense because the “original” SELinux ran on Redhat-like systems where sysvinit is the init program rather than upstart.

By: Waqar Afridi

Waqar Afridi — Tue, 30 Jun 2009 10:46:08 +0000

Here is the short-cut

try

sudo apt-get install selinux

or use synaptic manager and install selinux from there

It works.

By: m45

m45 — Mon, 15 Jun 2009 10:53:21 +0000

Awaiting part 2

By: Jeff Schroeder

Jeff Schroeder — Tue, 16 Sep 2008 06:57:06 +0000

@Josh:
Your changed policy is better than the existing one in ubuntu. Therefor, it should be the one that ships if at all possible.

Thats what it would be nice if you were to file a bug about.

By: Joshua Brindle

Joshua Brindle — Mon, 15 Sep 2008 13:19:28 +0000

@Jeff

Well, the libraries are already updated (Manoj from Debian took that back over I guess, I hope he doesn’t disappear again) and the refpolicy I’m using is not the one you ship so I’m not exactly sure what I’d be filing bugs about.

By: Jeff Schroeder

Jeff Schroeder — Mon, 15 Sep 2008 13:01:00 +0000

Ubuntu’s next release, code-named “Intrepid Ibex” is right around the corner. Can you file bugs and work to get your changes shipping in the next version of Ubuntu?

http://launchpad.net

By: Martin Orr

Martin Orr — Mon, 15 Sep 2008 11:57:41 +0000

To build a Debian package:
sudo apt-get install build-essential fakeroot
sudo apt-get build-dep $pkg
apt-get source $pkg
cd $pkgdir
debian/rules build
fakeroot debian/rules binary

Creates .debs in the directory containing $pkgdir.

I maintain a quilt series of refpolicy patches for Debian at http://www.martinorr.name/selinux/patches. In particular this includes all the patches in the Debian policy package. They might be of some use to you (but not with upstart or tmpfs /var/run). The aim is one day to get them submitted upstream.