Hi,

I've merged the 2.4.22 LSM patch in Russell's Debian kernel patches with the latest 2.4.22 UML bits, and placed the result here:

http://web.verbum.org/selinux/uml/

Additionally, I've created a roomy 350MB Debian sid image (which gzipped into just 370kb), set up with the latest Debian sid SELinux packages. It seems to work fine even in enforcing mode. I had to disable bootlogd though.

It's a great way to play around with SELinux, especially if you use UML's copy-on-write filesystem bits. That way if you mess something up, you can just delete your COW file and restart from the base image.

One tip: you will likely want to give your UML at least 64MB of ram; setfiles seems to be summarily executed by the OOM killer with less. Here's how I'm booting the UML:

walters@nexus> ./linux enforcing=1 mem=64M ubd0=/build/uml/debian-se-work.img,/build/uml/debian-se.img eth0=tuntap,tap0

Enjoy!

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.



application/pgp-signature attachment: This is a digitally signed message part