On 3/9/06, Steve B [EMAIL PROTECTED] wrote:
Hey everybody,Quick question.How can I disable SELinux without modifing(recompiling) the kernel?The reason I ask is because my kernel wascompiled with SELinux support, however its not active.Apparent
vpopmail has issues with SELinux and I believe that I
Hey everybody,
Quick question. How can I disable SELinux without modifing
(recompiling) the kernel? The reason I ask is because my kernel was
compiled with SELinux support, however its not active. Apparent
vpopmail has issues with SELinux and I believe that I am having
problems because
flask hvm pygrub qemu
screen xend}
Homepage:http://xen.org/
Description: Xend daemon and tools
* sec-policy/selinux-xen
Available versions: [M]2.20110726
Homepage:http://www.gentoo.org/proj/en/hardened/selinux/
Description: SELinux
- is this dated info, or still true?
* sec-policy/selinux-xen
Available versions: [M]2.20110726
Homepage:http://www.gentoo.org/proj/en/hardened/selinux/
Description: SELinux policy for xen
* sys-kernel/xen-sources
Available versions:
(2.6.18-r12
-release-details/
* sec-policy/selinux-xen
Available versions: [M]2.20110726
Homepage: http://www.gentoo.org/proj/en/hardened/selinux/
Description: SELinux policy for xen
* sys-kernel/xen-sources
Available versions:
(2.6.18-r12) 2.6.18-r12!b
, but it should be rather
straightforward. XCP is also meant to be a quick way to setup Xen just
as VMWare ESXi or something similar. Setting up Xen in a Gentoo domain-0
is much more work for sure, but (as always with Gentoo) gives you lots
of possibilities for customization.
* sec-policy/selinux-xen
with the USE flags:
[ebuild U ] app-emulation/libvirt-0.8.2 [0.8.1-r1] USE=libvirtd lxc
network nls python qemu virtualbox -avahi -caps -iscsi -lvm -macvtap% -nfs
-numa -openvz -parted -pcap% -phyp -policykit -sasl (-selinux) -udev -uml
-xen
Am 03.10.2013 15:39, schrieb Michael Hampicke:
Server side:
[ebuild R ~] app-emulation/libvirt-1.1.2-r3 USE=caps libvirtd
lvm macvtap nls numa python qemu udev vepa virt-network -audit
-avahi -firewalld -fuse -iscsi -lxc -nfs -openvz -parted -pcap
-phyp -policykit -rbd -sasl (-selinux
Am 03.10.2013 15:39, schrieb Michael Hampicke:
Server side:
[ebuild R ~] app-emulation/libvirt-1.1.2-r3 USE=caps libvirtd
lvm macvtap nls numa python qemu udev vepa virt-network -audit
-avahi -firewalld -fuse -iscsi -lxc -nfs -openvz -parted -pcap
-phyp -policykit -rbd -sasl (-selinux
-emulation/libvirt-1.1.2-r3 USE=caps libvirtd lvm
macvtap nls numa policykit python qemu systemd udev vepa virt-network
virtualbox -audit -avahi -firewalld -fuse -iscsi -lxc -nfs -openvz
-parted -pcap -phyp -rbd -sasl (-selinux) -uml -xen
PYTHON_SINGLE_TARGET=python2_7 -python2_6 PYTHON_TARGETS
-numa -openvz -parted -pcap% -phyp -policykit -sasl (-selinux) -udev -uml
-xen
-parted -pcap
-phyp -policykit -rbd -sasl (-selinux) -systemd -uml -virtualbox
-xen PYTHON_SINGLE_TARGET=python2_7 -python2_6
PYTHON_TARGETS=python2_7 -python2_6 0 kB
I connect via ssh+pubkey
Thanks ... looks quite the same for me ... rebuilding things now.
I even consider to create a VM
on/qemu aio alsa fdt opengl usb vhost-net gtk sdl curl ssh
-bluetooth -iscsi -pulseaudio -rbd -smartcard -usbredir -spice -accessibility
-caps -debug -glusterfs -filecaps -ncurses -pin-upstream-blobs -python -sasl
-sdl2 -seccomp -selinux -static -static -static-softmmu -static-user -tci -tes
=libvirtd lxc
network nls python qemu virtualbox -avahi -caps -iscsi -lvm -macvtap% -nfs
-numa -openvz -parted -pcap% -phyp -policykit -sasl (-selinux) -udev -uml
-xen
I need to install to make it work? I'm emerging with the USE
flags:
[ebuild U ] app-emulation/libvirt-0.8.2 [0.8.1-r1] USE=libvirtd lxc
network nls python qemu virtualbox -avahi -caps -iscsi -lvm -macvtap% -nfs
-numa -openvz -parted -pcap% -phyp -policykit -sasl (-selinux) -udev -uml
-xen
-parted -pcap
-phyp -policykit -rbd -sasl (-selinux) -systemd -uml -virtualbox
-xen PYTHON_SINGLE_TARGET=python2_7 -python2_6
PYTHON_TARGETS=python2_7 -python2_6 0 kB
I connect via ssh+pubkey
Would you mind sharing your libvirtd.conf as well?
Did you add a separate user/group for libvirtd
-avahi -firewalld -fuse -iscsi -lxc -nfs
-openvz -parted -pcap -phyp -policykit -rbd -sasl (-selinux)
-systemd -uml -virtualbox -xen PYTHON_SINGLE_TARGET=python2_7
-python2_6 PYTHON_TARGETS=python2_7 -python2_6 0 kB
I connect via ssh+pubkey
Would you mind sharing your libvirtd.conf as well
io alsa curl fdt gtk gtk2 jpeg
> ncurses opengl pin-upstream-blobs png sdl sdl2 ssh threads usb vhost-net
> vnc -accessibility -bluetooth -caps -debug -filecaps (-glusterfs)
> -infiniband -iscsi -lzo -nfs -nls -numa -pulseaudio -python -rbd -sasl
> -seccomp (-selinux) -smartcard -snappy -
SE="aio alsa curl fdt gtk gtk2 jpeg
ncurses opengl pin-upstream-blobs png sdl sdl2 ssh threads usb vhost-net vnc
-accessibility -bluetooth -caps -debug -filecaps (-glusterfs) -infiniband
-iscsi -lzo -nfs -nls -numa -pulseaudio -python -rbd -sasl -seccomp (-selinux)
-smartcard -snappy -sp
debug -ntfsdecrypt -static-libs -suid" 1,117 KiB
[ebuild N ] sys-block/parted-3.2::gentoo USE="debug nls readline
-device-mapper (-selinux) -static-libs" 1,617 KiB
[ebuild NS] sys-boot/grub-2.02_beta2-r9:2/2.02_beta2-r9::gentoo
[0.97-r16:0::gentoo] USE="fonts multislot
ies... done!
> [ebuild N ] sys-fs/ntfs3g-2014.2.15-r1::gentoo USE="acl external-fuse
> ntfsprogs xattr -debug -ntfsdecrypt -static-libs -suid" 1,117 KiB
> [ebuild N ] sys-block/parted-3.2::gentoo USE="debug nls readline
> -device-mapper (-selinux) -sta
c -equalizer -gnome -jack (-libressl)
-libsamplerate -lirc -native-headset (-neon) -ofono-headset (-oss) -qt4
-realtime (-selinux) -sox (-system-wide) {-test} -xen -zeroconf"
ABI_X86="32 (64) (-x32)" 0 KiB
t;http://pastebin.com/4C9AcGhs
>
>emerge -pv pulseaudio
>[ebuild R] media-sound/pulseaudio-9.0::gentoo USE="X alsa
>alsa-plugin asyncns caps gdbm glib gtk ipv6 orc ssl systemd tcpd udev
>webrtc-aec -bluetooth -dbus -doc -equalizer -gnome -jack (-libressl)
>-libsamplerate -
-equalizer -gtk -jack (-libressl) -libsamplerate -lirc -
native-headset (-neon) -ofono-headset (-oss) -realtime (-selinux) -sox (-
system-wide) -systemd {-test} -xen -zeroconf" ABI_X86="32 (64) (-x32)" 0 KiB
[snip...]
Total: 127 packages (83 upgrades, 3 new, 41 reinstalls), S
Jack Byer wrote:
I can tell you how mine is set up.
emerge -v dracut
These are the packages that would be merged, in order:
[ebuild R ~] sys-kernel/dracut-013-r2 USE=-debug (-selinux)
DRACUT_MODULES=btrfs crypt lvm -biosdevname -caps -crypt-gpg -dmraid -
dmsquash-live -gensplash -iscsi
qemu"...
[ebuild R] app-emulation/qemu-2.5.0-r1::gentoo USE="aio alsa curl
fdt gtk jpeg ncurses opengl pin-upstream-blobs png snappy ssh threads
usb vhost-net vnc -accessibility -bluetooth -caps -debug -filecaps
(-glusterfs) -gnutls -gtk2 -infiniband -iscsi -lzo -nfs -nls -numa
entoo USE="acl external-fuse
> ntfsprogs xattr -debug -ntfsdecrypt -static-libs -suid" 1,117 KiB
> [ebuild N ] sys-block/parted-3.2::gentoo USE="debug nls readline
> -device-mapper (-selinux) -static-libs" 1,617 KiB
> [ebuild NS] sys-boot/grub-2.02
bluetooth caps dbus gdbm glib gnome* ipv6 orc qt4 ssl tcpd udev
> webrtc-aec -doc -equalizer -gtk -jack (-libressl) -libsamplerate -lirc -
> native-headset (-neon) -ofono-headset (-oss) -realtime (-selinux) -sox (-
> system-wide) -systemd {-test} -xen -zeroconf" ABI_X86="32 (64)
.
I think it will work for me then. lol
Dale
:-) :-)
I can tell you how mine is set up.
emerge -v dracut
These are the packages that would be merged, in order:
[ebuild R ~] sys-kernel/dracut-013-r2 USE=-debug (-selinux)
DRACUT_MODULES=btrfs crypt lvm -biosdevname -caps -crypt-gpg
zo
> ncurses nfs nls opengl pin-upstream-blobs png python sasl sdl sdl2 seccomp
> spice threads usb uuid vde vhost-net vnc xattr xfs -accessibility -alsa
> -bluetooth -debug -glusterfs -infiniband -iscsi -numa -pulseaudio -rbd
> -selinux -smartcard -snappy -ssh -static -static-softmmu -
curl fdt filecaps gtk gtk2 jpeg lzo
ncurses nfs nls opengl pin-upstream-blobs png python sasl sdl sdl2 seccomp
spice threads usb uuid vde vhost-net vnc xattr xfs -accessibility -alsa
-bluetooth -debug -glusterfs -infiniband -iscsi -numa -pulseaudio -rbd -selinux
-smartcard -snappy -ssh -sta
> Calculating dependencies... done!
> > [ebuild N ] sys-fs/ntfs3g-2014.2.15-r1::gentoo USE="acl
> > external-fuse ntfsprogs xattr -debug -ntfsdecrypt -static-libs -suid"
> > 1,117 KiB [ebuild N ] sys-block/parted-3.2::gentoo USE="debug nls
>
s dbus gdbm glib gnome* ipv6 orc qt4 ssl tcpd udev
> webrtc-aec -doc -equalizer -gtk -jack (-libressl) -libsamplerate -lirc -
> native-headset (-neon) -ofono-headset (-oss) -realtime (-selinux) -sox (-
> system-wide) -systemd {-test} -xen -zeroconf" ABI_X86="32 (64) (-x32)"
] media-sound/pulseaudio-9.0::gentoo USE="X alsa
> > alsa-plugin asyncns bluetooth caps dbus gdbm glib gnome* ipv6 orc qt4 ssl
> > tcpd udev webrtc-aec -doc -equalizer -gtk -jack (-libressl)
> > -libsamplerate -lirc - native-headset (-neon) -ofono-headset (-oss)
> > -realtim
loc -lzo -multipath -
> ncurses -nfs -nls -numa -pin-upstream-blobs -plugins -pulseaudio -
> python -rbd -sasl -sdl-image -seccomp (-selinux) -smartcard -snappy -
> spice -static -static-user -systemtap -test -udev -usbredir -vde -
> vhost-user-fs -virgl -virtfs -vte -xattr -xen -xfs -zs
lecaps -glusterfs -gnutls -infiniband -io-uring
-iscsi -jack -jemalloc -lzo -multipath -ncurses -nfs -nls -numa
-pin-upstream-blobs -plugins -pulseaudio -python -rbd -sasl -sdl-image -seccomp
(-selinux) -smartcard -snappy -spice -static -static-user -systemtap -test
-udev -usbredir -vde -vhost-us
-video-glint-1.2.8 [1.2.7]
[ebuild U ] app-emulation/emul-linux-x86-gtklibs-20121028 [20120520]
[ebuild U ] app-text/build-docbook-catalog-1.19.1 [1.4]
[ebuild U ] x11-misc/xscreensaver-5.20 [5.15] USE=-gdm% (-selinux)
[ebuild U ] x11-drivers/xf86-video-apm-1.2.5 [1.2.4]
[ebuild
] dev-python/pycairo-1.10.0-r4 USE=svg xcb -doc
-examples {-test} PYTHON_TARGETS=python2_7 python3_3 -python2_6
-python3_2
[ebuild U ]x11-libs/xpyb-1.3.1-r3 [1.3.1-r2] USE=(-selinux)
-static-libs PYTHON_TARGETS=python2_7 -python2_6 0 kB
[ebuild U #] media-libs/opencv-2.4.8:0/2.4
PYTHON_TARGETS=python2_7 -python2_6
[nomerge ] dev-python/pycairo-1.10.0-r4 USE=svg xcb -doc
-examples {-test} PYTHON_TARGETS=python2_7 python3_3 -python2_6
-python3_2
[ebuild U ]x11-libs/xpyb-1.3.1-r3 [1.3.1-r2] USE=(-selinux)
-static-libs PYTHON_TARGETS=python2_7 -python2_6 0
/gnome-keyring-3.8.2 [2.32.1-r1] USE=caps%*
filecaps%* pam -debug (-selinux) {-test}
[nomerge ] app-crypt/gcr-3.8.2:0/1 USE=gtk introspection -debug
{-test}
[blocks b ] gnome-base/gnome-keyring-3.3
(gnome-base/gnome-keyring-3.3 is blocking app-crypt/gcr-3.8.2)
[ebuild U
(-selinux)
{-test} [nomerge ] app-crypt/gcr-3.8.2:0/1 USE=gtk introspection
-debug {-test}
[blocks b ] gnome-base/gnome-keyring-3.3
(gnome-base/gnome-keyring-3.3 is blocking
app-crypt/gcr-3.8.2) [ebuild U ]gnome-base/gnome-keyring-3.8.2
[2.32.1-r1] USE=caps%*
filecaps
s-1.0.9:0/1.0.9::gentoo [1.0.5:0/0::gentoo]
USE="-static-libs" 121 KiB
[ebuild U ] virtual/tmpfiles-0-r1::gentoo [0::gentoo] 0 KiB
[ebuild U ] app-admin/mcelog-173::gentoo [170::gentoo]
USE="(-selinux)" 306 KiB
[ebuild U ] dev-libs/boost-1.74.0-r1:0/1.74.0::g
sdl shm tga truetype unicode v4l vorbis x264 xscreensaver xv -a52 -aalib
(-altivec) (-aqua) -bidi -bl -bluray -bs2b -cddb -cdparanoia -cpudetection
-debug -dga -doc -dts -dv -faac -faad -fbcon -ftp -ggi -gsm -joystick -ladspa
-libcaca -libmpeg2 -lirc -live -md5sum -mng -nas -nut -openal -opengl -os
bs" 0 KiB
> [nomerge ] media-video/mplayer-1.3.0-r4::gentoo USE="X alsa cdio dvb
> dvd dvdnav enca encode gif iconv ipv6 jack jpeg libass lzo mad mp3 network
> osdmenu png sdl shm tga truetype unicode v4l vorbis x264 xscreensaver xv -a52
> -aalib (-altivec) (
be merged, in order:
>>>
>>> Calculating dependencies... done!
>>> [ebuild N ] sys-fs/ntfs3g-2014.2.15-r1::gentoo USE="acl
>>> external-fuse ntfsprogs xattr -debug -ntfsdecrypt -static-libs -suid"
>>> 1,117 KiB [ebuild N ] sys-b
.2::gentoo] USE="-build -symlink" 237 KiB
[ebuild U ] media-libs/audiofile-0.3.6-r2:0/1::gentoo
[0.3.6-r1:0/1::gentoo] USE="flac -static-libs {-test}" ABI_X86="32 (64)
(-x32)" 0 KiB
[ebuild U ] sys-fs/lvm2-2.02.166::gentoo [2.02.145-r2::gentoo]
USE="readlin
entoo
[0.8.0_p20200617::gentoo] 3307 KiB
[ebuild U ] dev-lang/mujs-1.0.9:0/1.0.9::gentoo [1.0.5:0/0::gentoo]
USE="-static-libs" 121 KiB
[ebuild U ] virtual/tmpfiles-0-r1::gentoo [0::gentoo] 0 KiB
[ebuild U ] app-admin/mcelog-173::gentoo [170::gentoo]
USE="(-selinux)" 3
ndroid-tools-9.0.0_p3-r1::gentoo
USE="-python" PYTHON_TARGETS="python3_7 python3_8%* -python3_6
-python3_9%" 11 KiB
[ebuild U ] sys-devel/gdb-10.1::gentoo [9.2::gentoo] USE="client
nls python server -lzma -multitarget -source-highlight -test -vanilla
ould be. When building qemu it is important to set
USE="virgl". This is how mine was built:
[ebuild R] app-emulation/qemu-2.9.0-r2::gentoo USE="aio alsa bluetooth
bzip2 caps curl fdt filecaps gtk gtk2 jpeg ncurses nls opengl pin-upstream-
blobs png pulseaudio sdl sdl2 se
5/work/gentoo-kernel-config-5.4.89/base.config:
Previous value: # CONFIG_DEFAULT_SECURITY_DAC is not set
New value: CONFIG_DEFAULT_SECURITY_DAC=y
Value of CONFIG_LSM is redefined by fragment /var/tmp/portage/sys-kernel/gentoo-kernel-5.4.105/work/gentoo-kernel-config-5.4.89/base.config:
Previous value
50 matches
Mail list logo
