> -----Original Message-----
> From: Fred Blaise [mailto:fred.blaise modernp.com]
> Sent: Wednesday, December 20, 2006 9:37 AM
> To: gentoo-hardened lists.gentoo.org
> Subject: [gentoo-hardened] Xen and SElinux
>
> Hi all
>
> I would like to set up xen with SElinux. The package versions I have are:
>
> app-emulation/xen
> Latest version available: 3.0.2
> Latest version installed: 3.0.2
>
> sys-kernel/xen-sources
> Latest version available: 2.6.16.28-r1
> Latest version installed: 2.6.16.28-r1
>
> However, I can't find any references to SELINUX in the .config file.
>
> I have googled around and asked on the xen-users mailing list about how to
> include SElinux, and have been redirected here.
>
> I am seeking advice on how to do it.
>
> Thanks for the time and help.
>
> Best,
> fred
> --
> gentoo-hardened gentoo.org mailing list

SELinux is available in all 2.6 kernels. To use Gentoo with Xen and
SELinux, I had to switch to the SELinux 2006.1 profile, which is still
in testing. This is the first Gentoo with support for modular SELinux
reference policy, which has a policy module for Xen. The SELinux
upgrade, however, requires glibc 2.4 which is not yet available for
hardened gcc.

Info on migrating Gentoo to SELinux 2006.1, as well as modifying a
kernel for use with SELinux is available here:
http://archives.gentoo.org/gentoo-hardened/msg_06462.xml

Use the latest xen-sources kernel and configure it for SELinux. Note
that the Xen policy is not yet available in portage; I found it here:
http://oss.tresys.com/projects/refpolicy/browser

Good luck!

Richard.
--
gentoo-hardened gentoo.org mailing list
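
Added example (not part of either message): kconfig writes no line at all for a symbol whose dependencies are unmet, so a .config can lack any SELINUX entry until the prerequisites are enabled. The script below lists which prerequisites are not built in; the symbol list is an assumption based on the 2.6-era Kconfig dependencies of CONFIG_SECURITY_SELINUX, and the function names and sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which kernel symbols SELinux needs are not "=y".
# Assumption: in 2.6-era kernels CONFIG_SECURITY_SELINUX depends on
# SECURITY_NETWORK (itself under SECURITY), AUDIT, NET and INET.
SELINUX_SYMBOLS="CONFIG_NET CONFIG_INET CONFIG_AUDIT CONFIG_SECURITY \
CONFIG_SECURITY_NETWORK CONFIG_SECURITY_SELINUX"

# Print every required symbol that is not built in, one per line.
# Returns 2 if the config file cannot be read.
missing_selinux_symbols() {
    config_file=$1
    if [ ! -r "$config_file" ]; then
        echo "cannot read $config_file" >&2
        return 2
    fi
    for sym in $SELINUX_SYMBOLS; do
        # Anchored match: CONFIG_SECURITY must not match CONFIG_SECURITY_NETWORK,
        # and "=m" or "# ... is not set" both count as missing.
        grep -q "^${sym}=y\$" "$config_file" || echo "$sym"
    done
}

# Constructed sample: prerequisites are unset, so kconfig never emitted a
# CONFIG_SECURITY_SELINUX line and grepping for SELINUX finds nothing.
make_sample_config() {
    cat <<'EOF'
CONFIG_NET=y
CONFIG_INET=y
# CONFIG_AUDIT is not set
CONFIG_SECURITY=y
# CONFIG_SECURITY_NETWORK is not set
EOF
}
```

Call `missing_selinux_symbols` with the path to the kernel tree's .config; enable the reported prerequisites first, after which the SELinux option becomes selectable in the configurator.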