On Thu, 2006-03-30 at 15:00 -0500, Daniel J Walsh wrote: > Stephen J. Smoogen wrote: > > On 3/29/06, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > >> I have back ported the entire selinux tool chain to RHEL4. I have also > >> attempted to create a modular policy to match RHEL4 policy as closely as > >> possible. > >> > >> These packages are out on > >> > >> ftp://people.redhat.com/dwalsh/SELinux/RHEL4_MODULAR > >> > >> If anyone wants to play with these and do some testing that would be great. > > > > Cool. I realize there is no promise but I will try them on a test box. > > What should I look for in a test plan? Also what is the difference > > between selinux-policy-2.2.28-1.rhel4.noarch.rpm and > > selinux-policy-targeted-2.2.28-1.rhel4.noarch.rpm? > > > > > Look for regressions. Want to make sure RHEL4 works the same under > both. The new policy has some added allows but should not have any ones > missing. There are some types that have been eliminated but they were > not used. One known thing would be the missing su(do)+pam_login rules. I plan on making a rhel4 distro tunable (which infers the redhat tunable too), to handle things that are in RHEL4, but no longer in newer Red Hat releases. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
