Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/archlinuxhardened/selinux
PKGBUILDs to build SELinux enabled packages for Arch Linux
https://github.com/archlinuxhardened/selinux
Last synced: 3 months ago
JSON representation
PKGBUILDs to build SELinux enabled packages for Arch Linux
- Host: GitHub
- URL: https://github.com/archlinuxhardened/selinux
- Owner: archlinuxhardened
- Created: 2014-05-30T16:20:33.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2024-07-16T21:08:10.000Z (4 months ago)
- Last Synced: 2024-07-18T01:33:40.900Z (4 months ago)
- Language: Shell
- Size: 8.22 MB
- Stars: 145
- Watchers: 17
- Forks: 25
- Open Issues: 14
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
![build](https://github.com/archlinuxhardened/selinux/workflows/Build/badge.svg)
PKGBUILDs for SELinux support in Arch Linux
===========================================Complete documentation will soon be available at:
https://wiki.archlinux.org/index.php/SELinuxAuthors
-------Authors are credited in the PKGBUILD file for each package.
Binary repository
-----------------The releases page functions as a pacman repository. It can also be used when
installing Arch Linux using `base-selinux` -package instead of plain `base`.To use it, add the following lines to your `/etc/pacman.conf`:
```
[selinux]
Server = https://github.com/archlinuxhardened/selinux/releases/download/ArchLinux-SELinux
SigLevel = Never
```
While the repository remains unsigned, SigLevel has to be set to Never.Build order
-----------Remember to build as a non-root user, and to keep a root logged-in console to
install packages (especially for sudo/shadow/pam packages).First, we build all packages from the SELinux userspace projet. They do not
replace any official Arch Linux packages:* libsepol
* libselinux
* secilc
* checkpolicy
* setools
* libsemanage
* semodule-utils
* policycoreutils
* selinux-dbus-config
* selinux-gui
* selinux-python
* selinux-sandbox
* mcstrans
* restorecondThis makes it possible to install a pacman hook which relabels files when installing and updating packages:
* selinux-alpm-hookNow we start replacing core packages:
* pambase-selinux
* pam-selinux
* coreutils-selinux shadow-selinux cronie-selinux sudo-selinux
* util-linux-selinux
* systemd-selinux
* logrotate-selinux
* dbus-selinuxOptional but very nice to have:
* openssh-selinux findutils-selinux iproute2-selinux psmisc-selinuxPolicy
------There is not yet a SELinux policy for Arch. To build a policy, here are some useful links:
* https://github.com/SELinuxProject/refpolicy The Reference Policy
* https://github.com/pebenito/refpolicy ongoing work to include a systemd policy in the refpolicy (announcement: http://oss.tresys.com/pipermail/refpolicy/2014-October/007430.html)
* http://anonscm.debian.org/cgit/selinux/refpolicy.git/tree/debian/patches Debian patches for refpolicy package (including systemd patches)
* https://github.com/selinux-policy/selinux-policy/tree/rawhide-base Fedora policy