On 10/14/2016 09:54 PM, James Carter wrote:
> On 10/14/2016 03:26 PM, Dominick Grift wrote:
>> On 10/14/2016 09:17 PM, Dominick Grift wrote:
>>> On 10/14/2016 09:09 PM, Dominick Grift wrote:
On 10/14/2016 09:08 PM, Stephen Smalley wrote:
> On 10/14/2016 02:58 PM, Dominick Grift wrote:
On 10/14/2016 03:26 PM, Dominick Grift wrote:
On 10/14/2016 09:17 PM, Dominick Grift wrote:
On 10/14/2016 09:09 PM, Dominick Grift wrote:
On 10/14/2016 09:08 PM, Stephen Smalley wrote:
On 10/14/2016 02:58 PM, Dominick Grift wrote:
On 10/14/2016 08:52 PM, Dominick Grift wrote:
On 10/14/2016
On 10/14/2016 09:02 AM, William Roberts wrote:
> Looks like make MONOLITHIC=y policy to get the binary policy file
>
> Is it normal for checkpolicy to take 5 minutes?
No, at least not with a modern checkpolicy. Are you using a current
version?
$ time make MONOLITHIC=y policy
Compiling
Likely not, I see it compiling version 29 and I am on ubuntu which is
way out of date with this stuff... should I just use the checkpolicy
from my AOSP tree?
Or should I just install with some particular set of options from
selinux master repo?
On Fri, Oct 14, 2016 at 9:06 AM, Stephen Smalley
The 2016-10-14 / 2.6 release for the SELinux userspace is now available at:
https://github.com/SELinuxProject/selinux/wiki/Releases
This has been tagged as 20161014 in the git repository.
Below are some notes on this release for packagers of the SELinux
userspace. Please see the individual
Is it to be expected that checkfc would actually fail on refpolicy?
$ ./checkfc ../refpolicy/policy.30 ../refpolicy/file_contexts
Error: "fs_type" is not defined in this policy.
I could comment out the validation callback... but just wondering if
this is expected.
On Fri, Oct 14, 2016 at 9:08
On Fri, Oct 14, 2016 at 10:32 AM, Stephen Smalley wrote:
> On 10/14/2016 10:15 AM, William Roberts wrote:
>> Is it to be expected that checkfc would actually fail on refpolicy?
>>
>> $ ./checkfc ../refpolicy/policy.30 ../refpolicy/file_contexts
>> Error: "fs_type" is not
On 10/14/2016 10:32 AM, Stephen Smalley wrote:
> On 10/14/2016 10:15 AM, William Roberts wrote:
>> Is it to be expected that checkfc would actually fail on refpolicy?
>>
>> $ ./checkfc ../refpolicy/policy.30 ../refpolicy/file_contexts
>> Error: "fs_type" is not defined in this policy.
>>
>> I
On 10/14/2016 10:15 AM, William Roberts wrote:
> Is it to be expected that checkfc would actually fail on refpolicy?
>
> $ ./checkfc ../refpolicy/policy.30 ../refpolicy/file_contexts
> Error: "fs_type" is not defined in this policy.
>
> I could comment out the validation callback... but just
>>> now available at:
>>>> https://github.com/SELinuxProject/selinux/wiki/Releases
>>>>
>>>> This has been tagged as 20161014 in the git repository.
>>>>
>>>> Below are some notes on this release for packagers of the
>>>&g
On 10/14/2016 05:55 PM, Stephen Smalley wrote:
>>>>>> The 2016-10-14 / 2.6 release for the SELinux userspace is
>>>>>> now available at:
>>>>>> https://github.com/SELinuxProject/selinux/wiki/Releases
>>>>>>
>>>
SELinuxProject/selinux/wiki/Releases
>>>
>>> This has been tagged as 20161014 in the git repository.
>>>
>>> Below are some notes on this release for packagers of the
>>> SELinux userspace. Please see the individual ChangeLog files for
>>> a detaile
On 10/14/2016 12:02 PM, Dominick Grift wrote:
> On 10/14/2016 05:55 PM, Stephen Smalley wrote:
>> The 2016-10-14 / 2.6 release for the SELinux userspace is now
>> available at:
>> https://github.com/SELinuxProject/selinux/wiki/Releases
>>
>> This has been tagged
On 10/14/2016 09:07 AM, William Roberts wrote:
> Likely not, I see it compiling version 29 and I am on ubuntu which is
> way out of date with this stuff... should I just use the checkpolicy
> from my AOSP tree?
>
> Or should I just install with some particular set of options from
> selinux master
Yeah I just exported CHECKPOLICY to be the one from the AOSP tree and
it only took 4 seconds.
On Fri, Oct 14, 2016 at 9:07 AM, William Roberts
wrote:
> Likely not, I see it compiling version 29 and I am on ubuntu which is
> way out of date with this stuff... should I
On 10/14/2016 08:52 PM, Dominick Grift wrote:
> On 10/14/2016 07:40 PM, Stephen Smalley wrote:
>> When a non-MLS policy was used with genhomedircon context_from_record()
>> in sepol would report an error because an MLS level was present when MLS
>> is disabled. Based on a patch by Gary Tierney,
On 10/14/2016 02:52 PM, Dominick Grift wrote:
> On 10/14/2016 07:40 PM, Stephen Smalley wrote:
>> When a non-MLS policy was used with genhomedircon
>> context_from_record() in sepol would report an error because an
>> MLS level was present when MLS is disabled. Based on a patch by
>> Gary
On 10/14/2016 07:40 PM, Stephen Smalley wrote:
> When a non-MLS policy was used with genhomedircon context_from_record()
> in sepol would report an error because an MLS level was present when MLS
> is disabled. Based on a patch by Gary Tierney, amended to use
> sepol_policydb_mls_enabled rather
On 10/14/2016 02:58 PM, Dominick Grift wrote:
> On 10/14/2016 08:52 PM, Dominick Grift wrote:
>> On 10/14/2016 07:40 PM, Stephen Smalley wrote:
>>> When a non-MLS policy was used with genhomedircon
>>> context_from_record() in sepol would report an error because an
>>> MLS level was present when
On 10/14/2016 09:08 PM, Stephen Smalley wrote:
> On 10/14/2016 02:58 PM, Dominick Grift wrote:
>> On 10/14/2016 08:52 PM, Dominick Grift wrote:
>>> On 10/14/2016 07:40 PM, Stephen Smalley wrote:
When a non-MLS policy was used with genhomedircon
context_from_record() in sepol would report
On 10/14/2016 09:09 PM, Dominick Grift wrote:
> On 10/14/2016 09:08 PM, Stephen Smalley wrote:
>> On 10/14/2016 02:58 PM, Dominick Grift wrote:
>>> On 10/14/2016 08:52 PM, Dominick Grift wrote:
On 10/14/2016 07:40 PM, Stephen Smalley wrote:
> When a non-MLS policy was used with
On 10/14/2016 09:17 PM, Dominick Grift wrote:
> On 10/14/2016 09:09 PM, Dominick Grift wrote:
>> On 10/14/2016 09:08 PM, Stephen Smalley wrote:
>>> On 10/14/2016 02:58 PM, Dominick Grift wrote:
On 10/14/2016 08:52 PM, Dominick Grift wrote:
> On 10/14/2016 07:40 PM, Stephen Smalley wrote:
22 matches
Mail list logo