Obtaining MLS policy package for RHEL5?
Dominick Grift
domg472 at gmail.com
Mon Dec 7 12:41:54 UTC 2009
On Mon, Dec 07, 2009 at 06:33:38AM -0600, Dyson, Mark L (IS) wrote:
> Dominic,
>
> Many thanks. Could you point me to where I can get that policy file?
> The help info I've seen just points me to the RHEL install media, which
> I don't have available right now.
The source policy is here:
ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS (look for selinux-policy-{your.version}
The binary representation is available on the the official redhat distribution channel (i dont have a subscription thus i cannot point you to it)
>
> The Clip site looks extremely interesting, definitely going to spend
> some time there.
>
> Thanks again!
> Mark
>
> -----Original Message-----
> From: fedora-selinux-list-bounces at redhat.com
> [mailto:fedora-selinux-list-bounces at redhat.com] On Behalf Of Dominick
> Grift
> Sent: Friday, December 04, 2009 3:56 PM
> To: fedora-selinux-list at redhat.com
> Subject: Re: Obtaining MLS policy package for RHEL5?
>
> On Fri, Dec 04, 2009 at 12:15:07PM -0600, Dyson, Mark L (IS) wrote:
> > Hello,
> >
> > For a test machine I was provided a SunFire X2200 (AMD processors)
> > with
> > RHEL5 pre-installed. I wasn't provided the install media. It
> > currently only has the targeted policy package installed. Is there a
> > source from which I can download and install the multi-level security
> package(s)?
>
> yum install selinux-policy-mls
> edit /etc/selinux/config (replace SELINUXTYPE (targeted by mls) touch
> /.autorelabel && reboot
>
> You might want to boot with enforcing=0 in kernel boot line so that
> relabeling can go ahead and that you can log into the system.
>
> you might also want to check this out:
>
> http://oss.tresys.com/projects/clip
> >
> > I had been pointed to some "LSPP" information based on an earlier
> > question but, aside from my system type not being represented, from
> > appearances those packages were intended for a fresh install based on
> > a strictly limited hardware/software architecture. I'm not sure how I
>
> > would be able to use them in my case.
> >
> > Thanks in advance!
> > Mark
>
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091207/9568db5e/attachment.sig>
More information about the fedora-selinux-list
mailing list