Re: [ANN] Madison policy generation tools

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Karl MacMillan wrote:
The first public release of the Madison SELinux policy generation tools can be found at http://et.redhat.com/madison/. Madison is a new project to create command line and GUI policy generation tools that: 

  * Create more readable and secure policy by leveraging the reference
    policy development environment.
  * Provide administrators with guidance and information to help them
    make good security decisions.
This release focuses on the creation of a foundation library (in python). It only includes a single tool - audit2policy - that is a drop in replacement for audit2allow with better reference policy interface call generation (using the undocumented -R audit2allow flag). 

Contributions are very welcome. I'm looking for help with:

  * Testing (particularly interface call generation and module
    generation)
  * Documenation
  * Unit test creation
  * Code / tool development

See the website for more details on contributing.
To the authors of other policy generation tools: I would like to avoid duplication of effort where possible. The current release focuses on areas that other tools have not explored thoroughly. Moving forward I would to discuss how we can best work together. 

Please send any feedback to the selinux development list.
I dont want to subscribe to yet another list so I will send in my comments here. I have put in a announcement in fedoraproject.org. A few questions.
* I installed the FC6 version. audit2policy is the only tool in this package as of now. Do you plan to include it within a existing package or introduce a new one? Do you plan to replace audit2allow with this? What are the specific differences between them?
* What is the plan for the GUI application? Is this connected to system-config-selinux or semanage?
* There is absolutely no documentation on the madison package and running audit2policy on its own doesnt return the prompt (that probably should return some basic help and we need a man page). I can help with writing documentation if someone can explain the details to me. 

Rahul


--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux