SELinux discussion at Hackathon - call for input
Joel Stanley
joel at jms.id.au
Tue Jan 9 09:41:29 AEDT 2018
On Tue, Jan 9, 2018 at 5:27 AM, <Michael.E.Brown at dell.com> wrote:
> Hello to everybody who is going to the hackathon. I currently am scheduled
> for an hour to talk about SELinux on Wed.
>
>
>
> What would people like to know? What is the best possible use of this hour,
> and what does everybody want to walk away with at the end?
>
>
>
> My background: I led the implementation of a full SELinux policy
> implementation for Dell IDRAC which will be delivered in our product
> starting later this year. I did the initial work of setting up the
> implementation strategy, did much of the initial work to get everything
> building, and then supervised the implementation. Where I’m less strong
> right now is actual details of writing policy, as I’ve largely let our lead
> devs on the selinux team write the actual policy for the past 2 years of
> implementation effort.
Cool!
> What I might suggest would be helpful:
>
> - Outline of build requirements for selinux
>
> - Example implementation strategy
>
> - Example project development rules for dealing with selinux
This list looks good.
I would like to see a demo of OpenBMC booting with selinux in
enforcing mode. How far are we away from being able to do that?
Do you plan on submitting on SELinux policies for the default
applications in the phosphor layer?
Cheers,
Joel
More information about the openbmc
mailing list