Michael Tsang wrote: > On Sunday 05 July 2009 16:43:10 Rajinder Yadav wrote: > >> I noticed one of the switch passed when building glibc is --without-selinux >> >> I assume the resulting LFS system, will it be missing Security Enhancement? >> If so what is required to build a SE LFS system. >> >> I assume SE is part of the Linux kernel and thus needs to be built as part >> of the Linux kernel? >> >> Kind Regards, >> Rajinder Yadav >> >> >> __________________________________________________________________ >> The new Internet Explorer® 8 - Faster, safer, easier. Optimized for Yahoo! >> Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/ >> > > In which ver. and ch. does the book told you to do so? The book does not told > me to do so (I am using SVN-20090629). Also, you need to enable SELinux in the > kernel to make it works. > > Michael Tsang > Even under hlfs there's not much about SELinux. If you wanted SELinux I would imagine you would start by having all of the security headers/libs(libselinux,libaudit,libattr,etc..) before building libc, then after libc making sure all other apps/libs that give an SElinux switch are turned on. Then once thats done grab refpolicy and start locking down your system.
Justin P. Mattock -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
