Re: [gentoo-hardened] keyword: amd64 or ~amd64?

On Mon, Apr 09, 2012 at 06:36:00PM -0400, Alain Toussaint wrote:
> I’m building from scratch a Samba file server which I may
> use samba4 git version (i.e. not a package from Gentoo) but the rest will
> be stock Gentoo and for the moment, I’m running stable and the profile is
> amd64/no-multilib/selinux. In order to have a good set of policies, should
> I run ~amd64 or the default will be fine?

I definitely don't recommend running the entire system in ~arch with
SELinux. I'm not able to work out the policies for ~arch in time as soon as
they are needed (in other words, I can use the 30 days "stabilization" just
to make sure the policies don't make your system unworkable).

However, the policies themselves might be a candidate for running in ~arch.

That being said, if the stable policies work for you, keep them in the
stable state ;)

        Sven

• This message: [ Message body ]
• Next message: Sven Vermeulen: "Re: [gentoo-hardened] www-client/chromium SELinux sandbox"
• Previous message: PaweÅ‚ Hajdan, Jr.: "[gentoo-hardened] www-client/chromium SELinux sandbox"
• In reply to: Alain Toussaint: "[gentoo-hardened] keyword: amd64 or ~amd64?"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]