SElinux ia available in official Arch kernel - Githubissues

archlinuxhardened / selinux

PKGBUILDs to build SELinux enabled packages for Arch Linux

146 stars 25 forks source link

SElinux ia available in official Arch kernel #19

Closed Maryse47 closed 5 years ago

Maryse47 commented 5 years ago

Does it make sense to maintain linux-selinux anymore? It only takes to add selinux=1 security=selinux in cmdline in official kernels.

https://wiki.archlinux.org/index.php/SELinux#Current_status_in_Arch_Linux

fishilico commented 5 years ago

The last time SELinux was enabled in Arch Linux configuration, it barely survived a week, and it was last month (cf. https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/linux&id=c75a915313f72924fa0a3ed45356f9e0ea488f3b and https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/linux&id=62b80117614b44f4a17921b0d1cb9b9e6d08fa4e). The previous attempt survived 3 months (it has been introduced in 3.13 in https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/linux&id=a1bf3bc4dde855b65095714189f5dccf562b0d9f and dropped in 3.14 with https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/linux&id=be17a7f9fa44af6d1c48c08196f003fb365da822). As I am not aware of what has caused Arch Linux kernel maintainers to change their mind, I will wait for some months before dropping linux-selinux maintenance.

Maryse47 commented 5 years ago

Right. I know all of this very well. Disabling it again will be ridiculous.

BTW: AppArmor userspace tools will be soon in official repos.