SELinux [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

SELinux [Electronic resources] - نسخه متنی

Bill McCarty

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید








3.2 Installing SELinux


SELinux can
be installed in three fundamental ways:

As an integral component of a Linux distribution, installed at the
same time as the distribution

By using binary or source packages, such as the
.deb packages used by Debian GNU/Linux; the
ebuilds used by Gentoo Linux; or the RPM packages used by Fedora
Core, Red Hat Enterprise Linux, and SUSE Linux

By downloading, compiling, and installing the sources provided by the
NSA


At the time of writing, only Fedora Core and Gentoo contain SELinux
as a fully supported, native facility. So unless you choose one of
those distributions, you must install SELinux yourself. If you
install SELinux yourself, it's generally much more
convenient to do so using packages. However, prebuilt packages are
not available for every Linux distribution. Those who are unable or
unwilling to use a distribution for which packages are available must
compile the sources provided by the NSA. In many cases, the sources
must be modified in order to work properly with the distinctive
characteristics of a specific Linux distribution.

The following sections explain how to install and initially configure
SELinux for several popular Linux distributions. The final section of
this chapter explains how to install SELinux using the source code
provided by the NSA.


Using X with SELinux


Coaxing SELinux into working with
X has proven to be somewhat difficult.
Recent releases of SELinux perform much better in this regard than
older releases. But they still fall short of perfection.
It's common for SELinux users to find that the login
screen doesn't appear or that they
can't log in.

The KDE Desktop has so far proven more
resistant to interoperation with SELinux than its rival desktop,
GNOME. The central problem is that
various KDE programs run as identically named processes. Thus,
SELinux cannot assign these KDE processes to distinct domains. One
result of this inability is that KDE's temporary
files sometimes cannot be labeled with appropriate domains. Thus,
with respect to KDE, SELinux policies tend either to be too
restrictive or too lax. We can hope that a future release of KDE or
SELinux will somehow address this problem. In the meantime, for those
using SELinux, GNOME is generally a better desktop choice than KDE.

If you find yourself unable to log into X, try returning to a
text-mode console by pressing Ctrl-Alt-F1. Then log in and reboot the
system in non-SELinux mode, as explained in Chapter 4.


/ 100