[freeswitch-sec] FreeSWITCH selinux policy sponsorship
R P Herrold
herrold at owlriver.com
Thu Sep 19 23:19:00 MSD 2013
On Thu, 19 Sep 2013, Kristian Kielhofner wrote:
> installed to either /opt/freeswitch or /usr/local/freeswitch.
Linux FHS conformance (the 'world' I mostly live in), and
recent Red Hat packaging practice would support the first; the
second (/use/local) -- not so much
Conspicuiously, the freeswitch packaging has not landed in
Fedora or EPEL, which are sort of gateways for RH being
interested in adding SELinux rulesets
Some years ago at a SELinux presentation, I proposed at Ottawa
Linux Symposium, and proposals have een floated from time to
time to 'bundle' the SELinux rules for a given package within
either the .spec file, or as some sort of 'mergable' location
per package. Red Hat has chosen to go a different way, where
there is a responsive maintainer (Dan Walsh) who seems to have
more eyes than a peacock tail, as to SELinux issues on mailing
lists
Carrying local libraries rather than using system ones as much
as possible, is another stumbling block to consider and
address
I've marked this for some more review after I get the FS SRPMS
rebuilding locally
-- Russ herrold
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the freeswitch-sec
mailing list