On Fri, 2012-02-10 at 00:05 +1100, Russell Coker wrote: > On Thu, 9 Feb 2012, "C.J. Adams-Collier KF7BMP" <cjac@xxxxxxxxxxxxxxx> wrote: > > On Wed, 2012-02-08 at 08:24 -0500, Stephen Smalley wrote: > > > On Tue, 2012-02-07 at 13:05 -0800, C.J. Adams-Collier wrote: > > > > cjac@foxtrot:~$ sudo which seinfo > > > > cjac@foxtrot:~$ apt-file search seinfo | grep bin | wc -l > > > > 0 > > > > > > seinfo is part of the setools package. > > > > $ apt-cache search -n setools > > erlang-parsetools - Erlang/OTP parsing tools > > > > Hmm. > > # apt-cache search -n setools > erlang-parsetools - Erlang/OTP parsing tools > libsetools-java - SETools Java bindings (architecture-independent) > libsetools-jni - SETools Java bindings (architecture-dependent) > libsetools-tcl - SETools Tcl bindings > python-setools - SETools Python bindings > setools - tools for Security Enhanced Linux policy analysis > > Works for me when tracking unstable. I was hoping you wouldn't say that. I like the sound of wheezy better than sid. I guess my $ cat /etc/debian_version says wheezy/sid Let's get it back into testing if we can. > http://bugs.debian.org/cgi-bin/pkgreport.cgi?package=setools > > But it's got a grave bug and an important bug. CJ Would you like to help in > fixing these? It's probably not going to be any more difficult than building > your own copy from upstream source. That sounds fine. If maintenance lasts beyond 2013/01/01, (and I expect it will), you should know that my volunteer time will be considered part of my donation in public service to my state guard association. Shared Copyright will then be donated to this public Company. I have a copy of the upstream source which Mr. Smalley directed me to. I will build it as time permits. Right now I've got to write some Perl for my Employer. > > > > Sounds reasonable. Do I get policy from my distribution, or should I > > > > generate one myself? > > > > > > Normally from your distribution, assuming the selinux packages for > > > Debian are still being maintained. > > Of course they are still being maintained. Good to hear from you what I already knew. I'm glad we're all on the same page. > > I believe they are. I exchanged email with Russell about it not long > > ago. But then, gtkglarea is still officially maintained and I made the > > first update in nearly a year 36 hours ago. Perhaps the package needs 1 > > or more co-maintainers to improve coverage. > > Yes, more help would be good. Sounds good. > Manoj has disappeared, he has not answered any mail I sent him for a long > time. Everything that lists him as the maintainer needs a new maintainer. Roger. I'll get my alioth account back online and my key into my authorized_keys file. I tried to bring it back online the other day, and the mono/cli team said they thought it should still be active. So I'll see if the sysops can reset my credentials. > > > IIRC, the Debian selinux policy package tries to minimize the set of > > > installed policy modules based on the set of installed packages, but > > > that isn't an exact mapping and might be leaving you without a complete > > > policy. Whereas Fedora installs all policy modules unconditionally. > > > > If the overhead is not too great, perhaps this can be duplicated in > > Debian. I do hate paying for things I don't use, though. Especially > > when the cost is substantial. The same is probably true of many other > > Debian users. > > The only problem in Debian in this regard is when you install new packages > after installing the SE Linux policy. I plan to somehow hook into the package > installation process to install new policy modules as needed. > Sounds good. Last I heard it was written in Perl.
Attachment:
signature.asc
Description: This is a digitally signed message part
