Re: LSM-based systems and debian packages

On Wed, 03 Dec 2003, Russell Coker wrote: > On Wed, 3 Dec 2003 00:56, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > > I've attached a modified version, please check it out. I've changed some > > > of the things to do it in the recommended manner (eg the > > > system_crond_entry() macro), and rem

Re: LSM-based systems and debian packages

On Wed, 03 Dec 2003, Russell Coker wrote: > On Wed, 3 Dec 2003 00:56, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > > I've attached a modified version, please check it out. I've changed some > > > of the things to do it in the recommended manner (eg the > > > system_crond_entry() macro), and rem

Re: LSM-based systems and debian packages

On Wed, 3 Dec 2003 00:56, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > I've attached a modified version, please check it out. I've changed some > > of the things to do it in the recommended manner (eg the > > system_crond_entry() macro), and removed some things. > > > > The part for running ssh

Re: LSM-based systems and debian packages

On Wed, 3 Dec 2003 00:56, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > I've attached a modified version, please check it out. I've changed some > > of the things to do it in the recommended manner (eg the > > system_crond_entry() macro), and removed some things. > > > > The part for running ssh

Re: LSM-based systems and debian packages

On Tue, 02 Dec 2003, Russell Coker wrote: > On Tue, 2 Dec 2003 18:32, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > > There is currently no uucp policy (it seems that no SE Linux users are > > > using it). > > > > I have one, but it does only allow what I need for uucp, which is > > certainly jus

Re: LSM-based systems and debian packages

On Tue, 02 Dec 2003, Russell Coker wrote: > On Tue, 2 Dec 2003 18:32, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > > There is currently no uucp policy (it seems that no SE Linux users are > > > using it). > > > > I have one, but it does only allow what I need for uucp, which is > > certainly jus

Re: LSM-based systems and debian packages

On Tue, 2 Dec 2003 18:32, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > There is currently no uucp policy (it seems that no SE Linux users are > > using it). > > I have one, but it does only allow what I need for uucp, which is > certainly just a small subset of possible uucp uses. I've attached

Re: LSM-based systems and debian packages

On Tue, 2 Dec 2003 18:32, Peter Palfrader <[EMAIL PROTECTED]> wrote: > > There is currently no uucp policy (it seems that no SE Linux users are > > using it). > > I have one, but it does only allow what I need for uucp, which is > certainly just a small subset of possible uucp uses. I've attached

Re: LSM-based systems and debian packages

On Tue, 02 Dec 2003, Russell Coker wrote: > On Tue, 2 Dec 2003 08:48, Andreas Barth <[EMAIL PROTECTED]> wrote: > > * Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > > > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > > > What about the gettys? I'm asking this because I w

Re: LSM-based systems and debian packages

On Tue, 02 Dec 2003, Russell Coker wrote: > On Tue, 2 Dec 2003 08:48, Andreas Barth <[EMAIL PROTECTED]> wrote: > > * Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > > > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > > > What about the gettys? I'm asking this because I w

Re: LSM-based systems and debian packages

On Tue, 2 Dec 2003 08:48, Andreas Barth <[EMAIL PROTECTED]> wrote: > * Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > > What about the gettys? I'm asking this because I wrote the initial > > > mail because of mgetty, a pa

Re: LSM-based systems and debian packages

On Tue, 2 Dec 2003 08:48, Andreas Barth <[EMAIL PROTECTED]> wrote: > * Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > > What about the gettys? I'm asking this because I wrote the initial > > > mail because of mgetty, a pa

Re: LSM-based systems and debian packages

* Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > What about the gettys? I'm asking this because I wrote the initial > > mail because of mgetty, a package where I expect some non-standard > > setup (though of course, I could

Re: LSM-based systems and debian packages

* Russell Coker ([EMAIL PROTECTED]) [031201 05:10]: > On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > What about the gettys? I'm asking this because I wrote the initial > > mail because of mgetty, a package where I expect some non-standard > > setup (though of course, I could

Re: LSM-based systems and debian packages

On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > There will be support in RPM for packages that contain SE Linux policy. > > For Debian such support will come later (if at all) as the plan is to > > centrally manage all policy for free software, and it's not difficult to > >

Re: LSM-based systems and debian packages

On Mon, 1 Dec 2003 07:43, Andreas Barth <[EMAIL PROTECTED]> wrote: > > There will be support in RPM for packages that contain SE Linux policy. > > For Debian such support will come later (if at all) as the plan is to > > centrally manage all policy for free software, and it's not difficult to > >

Re: LSM-based systems and debian packages

Hi, thanks for your fast reply. Just a few more questions: * Russell Coker ([EMAIL PROTECTED]) [031130 21:10]: > On Mon, 1 Dec 2003 04:27, Andreas Barth <[EMAIL PROTECTED]> wrote: > > Is it possible for me as a package maintainer to specifiy the needed > > rights for "my" programms in a way that

Re: LSM-based systems and debian packages

On Mon, 1 Dec 2003 04:27, Andreas Barth <[EMAIL PROTECTED]> wrote: > Is it possible for me as a package maintainer to specifiy the needed > rights for "my" programms in a way that as much systems as possible > can use these without the need for a sysadmin to change anything? Or > would each LSM-bas

Re: LSM-based systems and debian packages

Hi, thanks for your fast reply. Just a few more questions: * Russell Coker ([EMAIL PROTECTED]) [031130 21:10]: > On Mon, 1 Dec 2003 04:27, Andreas Barth <[EMAIL PROTECTED]> wrote: > > Is it possible for me as a package maintainer to specifiy the needed > > rights for "my" programms in a way that

Re: LSM-based systems and debian packages

On Mon, 1 Dec 2003 04:27, Andreas Barth <[EMAIL PROTECTED]> wrote: > Is it possible for me as a package maintainer to specifiy the needed > rights for "my" programms in a way that as much systems as possible > can use these without the need for a sysadmin to change anything? Or > would each LSM-bas

LSM-based systems and debian packages

Hi, well, if this mail seems to be silly for persons with good knowledge of LSM-based systems, I'm sorry. But I can't give me the answers myself, so I'm asking here. The last time (and especially the last days) have IMHO shown that it would be good for any Linux machine to run with more security

LSM-based systems and debian packages

Hi, well, if this mail seems to be silly for persons with good knowledge of LSM-based systems, I'm sorry. But I can't give me the answers myself, so I'm asking here. The last time (and especially the last days) have IMHO shown that it would be good for any Linux machine to run with more security