User:SwifT/selinuxnode

From Gentoo Wiki

The SELinux node is an experimental image, ready to run inside a Qemu/KVM guest, offering a Gentoo Hardened system with SELinux and IMA/EVM enabled.

The node is a small environment (about 1.6 Gbyte of used space) which offers a minimal installation. The image itself is created with a size of 50 Gbyte, but can of course be resized with the proper tools.

The image can be found on the mirrors, in experimental/amd64/qemu-selinux/.

Usage

To use the image, start it up with the following options:

Option        Description
-cpu kvm64    Run with the KVM 64-bit enabled CPU, needed as the image is built for x86_64

Features

Networking

The image will run the DHCP client service (if you can tell me how to disable that as well, please), but does not enable any interfaces or any network-facing daemons explicitly.

Releases

  • version NEXT
    • Larger updates
    • Smaller updates
      • askkeymap and keymaps were both loaded; whatever came last decided on the keymap. Removed keymaps from the boot runlevel.
      • Now using hardened-sources-3.8.7
  • version 20130224
    • Add in IMA/EVM support
    • Drop nano editor again (vim is used - people can "emerge nano" if needed)
  • version 20120712
    • Somewhat 'major' updates
      • Add in asking for keyboard layout (it was set to be-latin1 previously)
    • More 'minor' updates
      • Use short DHCP timeout (5 seconds)
      • Fix error message when calling man selinuxnode
      • Add in nano
      • Use ~arch for some SELinux userspace tools (these include some necessary fixes)
  • version 20120630
    • Initial release