Obtaining MLS policy package for RHEL5?

[Dominick Grift]

On Mon, Dec 07, 2009 at 06:33:38AM -0600, Dyson, Mark L (IS) wrote:
> Dominic,
> 
> Many thanks.  Could you point me to where I can get that policy file?
> The help info I've seen just points me to the RHEL install media, which
> I don't have available right now.

The source policy is here:
ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS (look for selinux-policy-{your.version}

The binary representation is available on the the official redhat distribution channel (i dont have a subscription thus i cannot point you to it) 

> 
> The Clip site looks extremely interesting, definitely going to spend
> some time there.
> 
> Thanks again!
> Mark
> 
> -----Original Message-----
> From: fedora-selinux-list-bounces at redhat.com
> [mailto:fedora-selinux-list-bounces at redhat.com] On Behalf Of Dominick
> Grift
> Sent: Friday, December 04, 2009 3:56 PM
> To: fedora-selinux-list at redhat.com
> Subject: Re: Obtaining MLS policy package for RHEL5?
> 
> On Fri, Dec 04, 2009 at 12:15:07PM -0600, Dyson, Mark L (IS) wrote:
> > Hello,
> > 
> > For a test machine I was provided a SunFire X2200 (AMD processors) 
> > with
> > RHEL5 pre-installed.  I wasn't provided the install media.  It 
> > currently only has the targeted policy package installed.  Is there a 
> > source from which I can download and install the multi-level security
> package(s)?
> 
> yum install selinux-policy-mls
> edit /etc/selinux/config (replace SELINUXTYPE (targeted by mls) touch
> /.autorelabel && reboot
> 
> You might want to boot with enforcing=0 in kernel boot line so that
> relabeling can go ahead and that you can log into the system.
> 
> you might also want to check this out:
> 
> http://oss.tresys.com/projects/clip
> > 
> > I had been pointed to some "LSPP" information based on an earlier 
> > question but, aside from my system type not being represented, from 
> > appearances those packages were intended for a fresh install based on 
> > a strictly limited hardware/software architecture.  I'm not sure how I
> 
> > would be able to use them in my case.
> > 
> > Thanks in advance!
> > Mark
> 
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091207/9568db5e/attachment.sig>