LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 02-23-2008, 01:41 PM   #1
mjgreen
LQ Newbie
 
Registered: Feb 2008
Posts: 13

Rep: Reputation: 0
selinux and slackware


Anyone tried it?

Yes, I know there's some outdated build scripts on the slackware for distributions site; I've updated these to latest selinux packages/latest slack, however those particular builds add PAM and some other stuff to slack, which I don't want to do.
 
Old 02-24-2008, 10:55 PM   #2
truthfatal
Member
 
Registered: Mar 2005
Location: Winnipeg, MB
Distribution: Slackware, OS X
Posts: 443
Blog Entries: 9

Rep: Reputation: 32
There was a discussion on the NSA Mailing list for SELinux a while back (Google selinux +"without PAM")
The discussion seems to indicate that some policy tweaking can rid you for the PAM requirement.

Quote:
SELinux doesn't strictly require the use of PAM; you can port it to Slackware without necessarily converting to PAM. Using SELinux without PAM (and pam_selinux) just requires policy modifications to allow direct program reading of /etc/shadow and direct patching of login. pam_selinux was actually introduced by Red Hat when they integrated SELinux into Fedora Core; prior to that, login was directly patched for SELinux. So an alternative path is to resurrect the old login patch for SELinux and adjust policy accordingly.

--
Stephen Smalley
National Security Agency
http://www.nsa.gov/selinux/list-arch...ead_body60.cfm

/*
If you can find the patch mentioned in this link ( http://www.engardelinux.org/modules/...&month=2007-12 ) You would probably have something very helpful.
*/

Last edited by truthfatal; 02-24-2008 at 11:24 PM. Reason: broken link
 
Old 02-25-2008, 07:03 AM   #3
mjgreen
LQ Newbie
 
Registered: Feb 2008
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by truthfatal View Post
There was a discussion on the NSA Mailing list for SELinux a while back (Google selinux +"without PAM")
The discussion seems to indicate that some policy tweaking can rid you for the PAM requirement.


http://www.nsa.gov/selinux/list-arch...ead_body60.cfm

/*
If you can find the patch mentioned in this link ( http://www.engardelinux.org/modules/...&month=2007-12 ) You would probably have something very helpful.
*/
Yup, that may have been me (though not me in the thread u posted). You can get rid of PAM, its just resurrecting the patch (and finding it first)
 
Old 09-09-2008, 09:37 PM   #4
vbatts
Member
 
Registered: Jun 2005
Location: Raleigh, NC, USA
Distribution: slackware
Posts: 68

Rep: Reputation: 26
i'm not sure that the patch will be your golden ticket, but if you want to find it, its inside an rpm src package.

package name 'util-linux-2.11y-31.2.src.rpm', of course version info maybe different.

mirror page
http://www.filewatcher.com/m/util-li...52730.0.0.html


then just 'rpm2cpio util-linux-2.11y-31.2.src.rpm | cpio -idvm ' and you see it extracted the 'util-linux-selinux.patch' file you were referring to.

vb
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
"../system.h :selinux/selinux.h:no such file or directory" ashmita04 Linux From Scratch 4 02-05-2009 03:36 AM
HELP with SELINUX Iamriccati Linux - Newbie 4 12-03-2007 10:19 PM
SELinux Vagrant Arch 3 02-24-2006 09:06 PM
SELinux and Slackware 2.6.14. Is it installed by default? Mainframe Linux - Security 1 11-11-2005 10:10 AM
Selinux fedorafreak Fedora 2 08-15-2004 09:41 AM


All times are GMT -5. The time now is 02:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration