This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Are there any SELinux tools available for Cygwin?
- From: Warren Young <warren at etr-usa dot com>
- To: Cygwin-L <cygwin at cygwin dot com>
- Date: Mon, 02 Jun 2014 12:07:50 -0600
- Subject: Re: Are there any SELinux tools available for Cygwin?
- Authentication-results: sourceware.org; auth=none
- References: <1401440703000-108952 dot post at n5 dot nabble dot com> <5388CD7E dot 5010800 at etr-usa dot com> <1401525653800-108975 dot post at n5 dot nabble dot com> <CAAeCd-OrJiExq2hUZ2-6RR0Nzz0GpeoVBaCgzPYEbEjykrH9nw at mail dot gmail dot com> <1401561239482-108983 dot post at n5 dot nabble dot com>
On 5/31/2014 12:33, PolarStorm wrote:
I'd like to
refrain from having to run long remote sessions on each machine while
experimentally editing all the various policy files. Downloading all files
in
one go and doing analysis and editing locally, is why I wanted to do this
on Cygwin.
How is that easier? You have to test each experimental edit, and that
requires a Linux kernel running SELinux. Cygwin is not a Linux kernel.
Personally, if I were still experimenting, I'd spin up a VM configured
like the system I intended to modify, do my work on it, then ship a
completed policy set to the remote system. Linux VM how-tos are
off-topic here, though.
Another
point is that there seem to exist ~3 different "flavors" of SELinux
implementations,
What point are you making here, exactly? Do you want Cygwin to emulate
one of them, or all of them, or none of them?
I think all three choices are doomed, each for a different reason.
As the next generation (>=KitKat) of Android mobile devices will all be
distributed with SEAndroid in Enforced mode, by default. These tools
will be exponentially of more interest to developers, as local editing
on mobile devices are either crippled, poorly implemented and tested,
or extremely inconvenient.
That's why the Android SDK includes an emulator, which is a VM, just as
I described above.
Are you aware that some of the text editors ported to Cygwin can edit a
file over SSH? For instance, vim:
vim scp://user@remotehost:password/path/to/file
The edit proceeds at local speeds. A save takes a remote file upload,
but you had to do that anyway.
I was hoping someone else would
have been interested enough to have tried to build these.
You aren't going to find SystemTap or iptables tools for Cygwin, either?
Why? Same reason: you need a running Linux kernel to make any use of
them, and Cygwin is not a Linux kernel.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple