antiX-bullseye-a2-x64-full available

Forum Forums antiX-development Development antiX-bullseye-a2-x64-full available

  • This topic has 46 replies, 14 voices, and was last updated Apr 29-7:10 pm by calciumsodium.
Viewing 2 posts - 46 through 47 (of 47 total)
  • Author
    Posts
  • #58266
    Member
    Avatarskidoo

    I am curious why that is so [for this specific kernel]

    a plaintext file
    /boot/config-4.9.235-antix.1-amd64-smp
    (exact filename varies based on kernel version)
    Search for ‘SELINUX’ within the file.

    For comparison, here is the result for /boot/config-4.9.235-antix.1-amd64-smp

    CONFIG_SECURITY_SELINUX=y
    CONFIG_SECURITY_SELINUX_BOOTPARAM=y
    CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
    CONFIG_SECURITY_SELINUX_DISABLE=y
    CONFIG_SECURITY_SELINUX_DEVELOP=y
    CONFIG_SECURITY_SELINUX_AVC_STATS=y
    CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
    CONFIG_DEFAULT_SECURITY="selinux"
    CONFIG_DEFAULT_SECURITY_SELINUX=y

    For that particular kernel you are running, maybe one or all of the “y” values was, instead, configured to “n” (intentionally, or perhaps as an oversight during configuration) so the check, and the associated warning, is skipped.

    #58269
    Member
    Avatarcalciumsodium

    Hi @skidoo,
    I am using 5.10.27 kernel for both a2-runit and a2-full. As you suggested, I examined the config-5.10.27-antix.1-amd64-smp of each of the a2-runit and a2-full. Below, I am displaying any lines that contain the selinux keyword. As you can see, they are identical. Before using the selinux=0 command to disable the selinux, a2-runit would not display the selinux policy.33 error message, but a2-full would. With respect to the config-5.10.27-antix.1-amd64-smp of each of the a2-runit and a2-full systems, the selinux parameters appear to be identical.

    For a2-runit: config-5.10.27-antix.1-amd64-smp

    CONFIG_SECURITY_SELINUX=y
    CONFIG_SECURITY_SELINUX_BOOTPARAM=y
    CONFIG_SECURITY_SELINUX_DISABLE=y
    CONFIG_SECURITY_SELINUX_DEVELOP=y
    CONFIG_SECURITY_SELINUX_AVC_STATS=y
    CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
    CONFIG_SECURITY_SELINUX_SIDTAB_HASH_BITS=9
    CONFIG_SECURITY_SELINUX_SID2STR_CACHE_SIZE=256

    CONFIG_DEFAULT_SECURITY_SELINUX=y

    CONFIG_LSM=”yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor”

    For a2-runit: config-5.10.27-antix.1-amd64-smp

    CONFIG_SECURITY_SELINUX=y
    CONFIG_SECURITY_SELINUX_BOOTPARAM=y
    CONFIG_SECURITY_SELINUX_DISABLE=y
    CONFIG_SECURITY_SELINUX_DEVELOP=y
    CONFIG_SECURITY_SELINUX_AVC_STATS=y
    CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
    CONFIG_SECURITY_SELINUX_SIDTAB_HASH_BITS=9
    CONFIG_SECURITY_SELINUX_SID2STR_CACHE_SIZE=256

    CONFIG_DEFAULT_SECURITY_SELINUX=y

    CONFIG_LSM=”yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor”

Viewing 2 posts - 46 through 47 (of 47 total)
  • You must be logged in to reply to this topic.