[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Add SELinux policy for guix-daemon.
From: |
Ricardo Wurmus |
Subject: |
Re: [PATCH] Add SELinux policy for guix-daemon. |
Date: |
Fri, 16 Feb 2018 16:58:10 +0100 |
User-agent: |
mu4e 0.9.18; emacs 25.3.1 |
Gábor Boskovits <address@hidden> writes:
>> > The resulting policy could then be used on GuixSD or any other system
>> > that doesn’t have a full SELinux configuration.
>>
>
> I looked around a little, and it seems, that at least Fedora and Debian
> has their base policies originated from SELinux reference policy:
> https://github.com/TresysTechnology/refpolicy/wiki
>
> I guess it would be nice to investigate how we could adopt this to GuixSD.
> WDYT?
Indeed. I didn’t know about the reference policy. We could take parts
of it and define an SELinux system service that applies it on boot.
--
Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net