On Wed, 2009-07-22 at 19:13 -0400, Todd Zullinger wrote: > William Case wrote: > > What I want to do is trace the implementation of SELinux; its > > modules; initiation; hooks etc. in Fedora. The Kernel.org version I > > have doesn't show SELinux coding. > > Hmm, it should, as it is in the mainline kernel these days. I > couldn't tell you much, but I think the kernel parts of selinux are > found in security/selinux within the kernel source. From the kernel > git tree: > > http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=tree;f=security/selinux;hb=HEAD > Thanks Todd. > > I have been running SELinux in the last few versions of Fedora in > > permissive or disabled mode just to get it out of the way. In F11, > > I thought I would climb the learning curve and begin to use it. > > > > There are many good tutorials and manuals out there, not the least > > of which are Fedora's own SELinux manual and the NSA's report. > > However none of them explain very well what is happening in the > > kernel. At least not as well as they could if I could see the code > > with my own eyes. > > Hopefully the code from above helps enlighten you. ;) The meat is in the policies as you have pointed out below. Unfortunately for me, I can get myself stuck with "Yea, but how does it do that?". Once I can answer that question, even if only superficially, I can comfortably move on to more significant issues. > > Also useful might be the selinux-policy packages. That's where the > actual rules and policies are kept. The fedora-selinux-list might be > able to provide more insight (surely more than I can :). -- Regards Bill Fedora 11, Gnome 2.26.3 Evo.2.26.3, Emacs 22.3.1 -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
