[arch-general] SELinux packages status update
eduardo.machado at gmail.com
Mon Nov 4 06:38:57 EST 2013
2013/11/3 Timothée Ravier <siosm99 at gmail.com>
> I've updated all the SELinux related packages in the AUR. I've changed
> most packages names to better fit with upstream names and AUR naming
> policy (selinux-pam -> pam-selinux; selinux-usr-libselinux ->
> libselinux). I'll keep the old ones a week or two, just in case, then
> I'll ask for deletion.
> I've only tested those packages in SELinux _disabled_ mode as currently
> there aren't any usable policy. I'll be working on this from now on.
> Status of core packages that requires patches or rebuild:
> * linux: rebuild. bug opened in the Arch bugtracker;
> * coreutils: rebuild (links with libselinux);
> * cronie: rebuild '--with-selinux' flag;
> * findutils: need SELinux patch, can be upstreamed, but is upstream
> still alive ?
> * openssh: rebuild '--with-selinux' flag;
> * pambase: configuration changes to add pam_selinux.so;
> * pam: rebuild '--enable-selinux' flag for Linux-PAM, patch for
> pam_unix2, which only removes a function already
> implemented in a library elsewhere. Is there an
> upstream here? I couldn't find one;
> * psmisc: small patch, already upstream. Will be in version 22.21;
> * shadow: rebuild '-lselinux' and '--with-selinux' flags;
> * sudo: rebuild '--with-selinux' flag;
> * systemd: rebuild '--enable-selinux' flag;
> * util-linux: rebuild '--with-selinux' flag;
> 1 rebuild as-is,
> 8 rebuild with additional flags/config,
> 3 rebuild with patches required (with one already upstream and two
> potentially dead upstream).
> I think this looks good!
> Suggestions for packages are welcomed as AUR comments or issues on
> GitHub: https://github.com/Siosm/siosm-selinux
> A repository with signed packages for x86-64 only is available at
> http://repo.siosm.fr/siosm-selinux/ (See
> https://tim.siosm.fr/repositories/ if you need instructions or GPG
> public key).
> I'll also update the Arch Wiki SELinux page soon.
> I'll setup an other repository for the SELinux policy as soon as I have
> something which can boot in enforcing mode.
I have to congratulate you and all devs for the really great work.
A big thanks!
More information about the arch-general