From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38503) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d17UY-0000we-Q3 for guix-patches@gnu.org; Thu, 20 Apr 2017 04:31:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d17UV-0003Oq-Fc for guix-patches@gnu.org; Thu, 20 Apr 2017 04:31:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:59675) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d17UV-0003OH-4N for guix-patches@gnu.org; Thu, 20 Apr 2017 04:31:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1d17UU-0000lE-Nz for guix-patches@gnu.org; Thu, 20 Apr 2017 04:31:02 -0400 Subject: bug#26561: [PATCH 0/9] SELinux Resent-Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Thu, 20 Apr 2017 10:30:00 +0200 From: julien lepiller In-Reply-To: <87r30otbe3.fsf@fastmail.com> References: <20170419125608.31664-1-rekado@elephly.net> <87r30otbe3.fsf@fastmail.com> Message-ID: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 26561@debbugs.gnu.org Le 2017-04-19 22:01, Marius Bakke a écrit : > Ricardo Wurmus writes: > >> This patch series adds SELinux libraries and tools. >> >> Ricardo Wurmus (9): >> gnu: Add libsepol. >> gnu: Add checkpolicy. >> gnu: Add libselinux. >> gnu: Add libsemanage. >> gnu: Add secilc. >> gnu: Add python-sepolgen. >> gnu: Add python-ipy. >> gnu: Add python-setools. >> gnu: Add policycoreutils. > > Wow, amazing work! I've read through the patches and they LGTM apart > from the minor nitpicks sent separately. Thanks a lot for this! How exciting! I once tried to install all that on my LFS system, but I couldn't find how to enable SELinux (setenforce 1 wouldn't work). Could you explain what steps need to be taken so I can activate SELinux on GuixSD? Or what is still laking? Could we imagine configuring the policy from the operating-system declaration?