SELinux Enforcing on SLED 11 SP2

SUSE Product Topics SLED Configure-Administer
1

Hi,

I’m trying to enforce SELinux on SLED 11 SP2 and followed instructions for “SELinux and openSUSE 11.1” from “http://en.opensuse.org/SDB:SELinux”.

Here is my SLED11 version details.
output of “cat SuSE-release” is
SUSE Linux Enterprise Desktop 11 (X86_64)
Version =11
PATCHLEVEL = 2

when I’m trying to execute “zypper in checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1” not able to install packages.
My system doesn’t have location /etc/selinux/config. So, i have created this file.

when I do execute “sestatus”, getting the output “command not found”

How can I enforce SELinux on SLED 11 SP2?

Appreciated your help in advance.

Thanks\aga.

2

On 30/05/2012 23:34, nagamohanp wrote:
[color=blue]

I’m trying to enforce SELinux on SLED 11 SP2 and followed instructions
for “SELinux and openSUSE 11.1” from
SDB:SELinux - openSUSE Wiki”.

Here is my SLED11 version details.
output of “cat SuSE-release” is
SUSE Linux Enterprise Desktop 11 (X86_64)
Version =11
PATCHLEVEL = 2

when I’m trying to execute “zypper in checkpolicy policycoreutils
selinux-tools libselinux1 libsepol1 libsemanage1” not able to install
packages.
My system doesn’t have location /etc/selinux/config. So, i have
created this file.

when I do execute “sestatus”, getting the output “command not found”

How can I enforce SELinux on SLED 11 SP2?

Appreciated your help in advance.[/color]

Whilst the Release Notes for both SLED11 and SLED11 SP1 note that
SELinux capabilities were added as a Technology Preview, there is no
mention of SELinux in the either the Release Notes or documentation for
SLED11 SP2 (though it’s also not covered in docs for SLED11 or SLED11 SP1).

I can’t imagine the instructions for openSUSE 11.1 would apply for
SLED11 SP2 - it’s more likely to be the ones for openSUSE 11.3.

The mention in Release Notes for the earlier releases do note that:

–begin–

  • The shipped kernel features SELinux support.
  • We will apply SELinux patches to all “common” userland packages.
  • The libraries required for SELinux (libselinux, libsepol, libsemanage,
    etc.) were added to openSUSE and SUSE Linux Enterprise.
  • However, we are not offering enterprise class support for SELinux at
    this time; thus we will run QA with SELinux disabled to ensure that
    SELinux patches do not break the default delivery and the majority of
    packages.
  • We will not be shipping SELinux specific tools as part of the default
    distribution delivery. However, the packages (such as checkpolicy,
    policycoreutils, selinux-doc) will be available through the SUSE Linux
    Enterprise Desktop repositories.
    —end—

Let me ask my contacts at SUSE …

HTH.

Simon
Novell/SUSE/NetIQ Knowledge Partner

Do you work with Novell technologies at a university, college or school?
If so, your campus could benefit from joining the Novell Technology
Transfer Partner (TTP) program. See TTP Organization | Micro Focus for more details.