| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Comments:
<0> vmware up and runnin
<1> well?
<1> Is parallels better than vmware?
<1> ****e
<1> out of space :(
<0> dunno, i haven't used parallels
<0> but so far vmware seems pretty sweet
<0> kinda wish there was a more elegant way to switch back and forth between operating systems though
<0> brb rebooting vmware
<2> nobody listens to me
<2> put one OS on one hard drive
<2> put the other on another
<2> removable trays
<2> BAM, you're done
<2> :)
<1> why not just dual boot?
<1> no need to swap drives...
<2> NO
<1> lol
<2> swapping is more fun
<1> k
<2> think if mexico goes into civil war
<2> or if ol' boy tries a hostile takeover
<2> that'd be sweet
<1> damn this SELINUX
<1> I have no clue what to name my dirs so my services will work properly :(
<2> why the hell isn't castro dead
<1> get over it
<0> MrStabby: or.. why not just run both at the same time?
<3> MrStabby did you get it all worked out?
<1> korozion: do you use SELinux?
<3> yep
<3> why?
<3> are you hax0ring my ****?
<4> yes
<3> oh noes
<5> me too
<3> aww crap
<1> having some trouble
<1> mostly not sure wtf i'm doing ;p
<5> er
<1> Sep 7 23:36:30 surkits audit(1157697390.722:2986202580): avc: denied { tcp_recv } for saddr=10.10.1.1 src=1071 daddr=10.10.1.11 dest=514 netif=eth0 scontext=staff_u:sysadm_r:syslogd_t tcontext=system_u:object_r:netif_t tcl***=netif
<5> /home/korosion
<1> Do i have to allow syslogd to access the netif_t domain?
<6> re2all in da work
<6> sombodu tune (m|o|fake)ident servise?
<1> korozion: ?
<3> bitrot what 'mode' are you using?
<1> strict
<3> oh
<1> what mode do you use?
<3> I stayed away from that. I tried it once before and spent a few days fixing ****
<3> been using med on that server
<1> what's the difference?
<1> strict is a real real real big pain in th *** :(
<3> I forget, but their site describes it
<3> just use med, you'll save yourself a LOT of pain
<1> sooo are you using the CVS?
<3> no
<3> stable
<1> oh
<1> I am :\
<1> More policies
<1> but
<1> not helpful when I can't get **** to werk :(
<3> just try med
<3> you'll thank me later
<1> medium sounds fair
<1> but
<1> that error
<1> was i correct?
<3> best part is, you can start with medium, then go custom from there
<3> dunno
<3> try med, then paste any errors you get
<3> :)
<1> lol
<1> well i'm not sure how to even set this up
<3> pick med, and it does the rest
<3> I can't simplify it anymore :)
<1> do you edit default_contexts at all?
<3> nope, just pick med
<1> hmm
<1> thre is no 'med
<3> then if you want to get fancy from there, at least you have something to work from
<3> hrm
<3> sec
<1> strict, and targeted
<3> let me look at what it's called
<3> have you been on their site?
<1> # strict-mls, targeted-mls,
<1> # strict-mcs, targeted-mcs
<1> which one?
<3> I just compiled the new kernel tonight too
<1> NSA?
<3> where?!?!
<3> :P
<3> sec
<1> which site lol
<3> oh, the grsec siet
<3> *site
<1> grsec?
<6> hey! smbody hearth me?
<1> grsec != selinux I thought?
<3> yeah, sorry
<3> heh, working on something else
<3> selinux site
<3> nsa
<3> err whatever they are now
<1> yeah
<3> http://www.nsa.gov/selinux/
<3> so, yeah
<1> yeah...
<1> i've been there...
<1> many times
<1> mainly tech papers
<1> nothing about setting the actual system up
<3> yeah, they're a pain
<1> just on how it works
<3> they like to tell you a lot, but nothing at the same time
<3> I think I still have a tutorial around here somewhere
<3> I also think I've got rid of the selinux box
<1> they talk about how to setup the policies
<1> and how to setup your own domains
<1> all very good info but i'm not even there ye t:(
<3> yeah, I know. It's a pita
<1> ttp://www.nsa.gov/selinux/papers/policy2/x689.html
<6> hrrr...
<1> no type of 'medium'
<3> bitrot ignore what I was saying about med
<1> k
<3> I was thinking grsec then
<3> but yeah, I have
<1> ah okay
<3> well had, a selinux box
<3> it's the pita
<3> grsec is easy, but going that extra step to selinux is a bitch
<1> I just don't want my users to be able to see eachothers procs or sockets
<3> :|
<3> so why the hell are you worried about selinux?
<1> what doesn't grsec offer that selinux does?
<4> http://forums.gentoo.org/viewtopic-p-3562228.html#3562228
<3> grsecurity protects against everything but root - selinux goes the extra step to make root non-special.
<1> korozion: how else am I supposed to do it? :(
<3> live by that rule
<3> forget selinux
<1> so i can do the same with grsec?
<3> yes
<3> the box MrStabby is on is grsec only
Return to
#gentoo
or
Go to some related
logs:
#delphi
keep a buzz all day
#visualbasic
#computers
BananaAlbum index
#iptables
#linuxhelp
ANEELA ARAS
#gentoo
Defaultviewer2
|
|