Re: Problem compiling lsm with 2.4.18 kernel

• Previous message: Stephen Smalley: "Re: Problem compiling lsm with 2.4.18 kernel"
• In reply to: Stephen Smalley: "Re: Problem compiling lsm with 2.4.18 kernel"
• Next in thread: Chris Wright: "Re: Problem compiling lsm with 2.4.18 kernel"
• Reply: Chris Wright: "Re: Problem compiling lsm with 2.4.18 kernel"
• Reply: Seth Arnold: "Re: Problem compiling lsm with 2.4.18 kernel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks a lot for the information. I'm basically starting to learn about
various security aspects of Linux and wanted to look at them, try to
learn them and also test them out, which is why they were installed the
way they were... The primary module that I was really interested in was
LIDS. I did not know that the modules could not be mixed like that. I'll
check out the documentation of SELinux more thoughroughly. Is there a
page that has more documentation on LSM itself?

Thanks again,
Steve Johnson

On Thu, 2002-04-18 at 15:01, Stephen Smalley wrote:

    On 18 Apr 2002, Steve Johnson wrote:
    
    > This is my first attempt at installing an LSM patched kernel, but I'm
    > having problems compiling the kernel after configuring the kernel. I'm
    > trying to build it on a RedHat 7.2 system.
    >
    > I have patched a newly uncompressed 2.4.18 kernel with the
    > lsm-full-2002_02_25-2.4.18 patch. The patching process worked fine and
    > I've configured the kernel with the following options:
    
    You might want to use the head of the BitKeeper tree rather than the
    last snapshot patch.
    
    > #
    > # Security options
    > #
    > CONFIG_SECURITY_CAPABILITIES=y
    
    If you enable capabilities as built-in, then you won't be able to
    dynamically insert any other security modules.  Probably not what you
    want.  Which security module did you actually want to use?  You can't
    simply mix-and-match them arbitrarily.
    
    > CONFIG_SECURITY_SELINUX=m
    > CONFIG_SECURITY_SELINUX_DEVELOP=y
    > CONFIG_SECURITY_SELINUX_MLS=y
    
    If you want to use SELinux, then you'll need to obtain the non-kernel
    components of SELinux and follow the README instructions from the NSA web
    site, as noted in the help text for the SELinux option.  It is generally
    recommended that you build SELinux into the kernel if you want to use it.
    The MLS option isn't a good idea unless you really want to experiment
    with it, as noted in the help text.
    
    > Any ideas what could be causing this or possible ways to solve the
    > issue?
    
    There have been a number of changes to the LIDS module since that snapshot
    patch was created, so I'd suggest using the head of the BitKeeper tree.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    
    
    


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: Problem compiling lsm with 2.4.18 kernel"
• Previous message: Stephen Smalley: "Re: Problem compiling lsm with 2.4.18 kernel"
• In reply to: Stephen Smalley: "Re: Problem compiling lsm with 2.4.18 kernel"
• Next in thread: Chris Wright: "Re: Problem compiling lsm with 2.4.18 kernel"
• Reply: Chris Wright: "Re: Problem compiling lsm with 2.4.18 kernel"
• Reply: Seth Arnold: "Re: Problem compiling lsm with 2.4.18 kernel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 18 2002 - 12:26:00 PDT