On 18 Oct 2001, J wrote:

> If you are not using PAM it didn't compile so I just moved
<snip>
> Also newrole.c line 412 almost certanly has an error
<snip>

Yes, sorry about that. The fixes for using run_init and newrole when not using PAM didn't make it in prior to cutting this release. The attached patch fixes these errors and makes a few other minor changes. To apply, save it to ~/shadow.patch, change to your selinux directory, and run 'patch -p1 < ~/shadow.patch'. This patch is relative to the sources in the release.

> Also, I have integrated this with a Slackware 8.0 filewall
> that is re-exporting nfs filesystems to samba for windows clients.
> It is also running dhcp. I have created iptables, dhcpd, and samba
> domains. I also had to change a huge amount of file_contexts. It is
> working fine as a production server. I am very pleased with selinux.

Glad to hear that SELinux is working well for you. If you are willing to share your policy customizations, we would be interested in seeing them. If they aren't too specific to your particular setup, we might roll them into the example policy in the distribution. Even if they are very specific to your setup, it might still be good to make them available for reference by others, perhaps on the sourceforge selinux project site.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com





--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.



TEXT/PLAIN attachment: shadow.patch