SystemTap in Debian

 Posted on July 8, 2010  (Last modified on January 22, 2011)  |  1 minutes  |  63 words  |  Ritesh Raj Sarraf

The latest kernel upload (2.6.32-16) brings goodies to SystemTap in Debian. This version has added support for kprobes, on which systemtap has a major dependency, for many of its features.

Most of the systemtap instrumentation should work now and all of this will be part of the Squeeze release. Instrumenting the kernel modules still needs some work (DBTS: #555549) but can be done.

Mandatory Access Controls  mac 

tomoyo for debian

 Posted on May 11, 2010  (Last modified on January 22, 2011)  |  1 minutes  |  153 words  |  Ritesh Raj Sarraf

Just uploaded tomoyo-tools and is waiting in the NEW queue. Thanks to Moritz Muehlenhoff, tomoyo kernel support should be available in Debian with kernel 2.6.32-13 and above. What is Tomoyo ? Description: Lightweight and easy-use Mandatory Access Control for Linux TOMOYO Linux is Lightweight and Usable Mandatory Access Control with - “automatic policy configuring” feature by “LEARNING mode” - administrators friendly policy language - no need libselinux nor userland program modifications [Read More]
Mandatory Access Controls  security  mac 

SELinux in Debian

 Posted on December 11, 2008  (Last modified on January 22, 2011)  |  1 minutes  |  193 words  |  Ritesh Raj Sarraf

Thanks to Pierre Chifflier , Debian now has setroubleshoot packaged. The good thing about setroubleshoot is that it gives you a very user friendly message about the SELinux violations that occur on your box while you were doing something. Now that something is very difficult to define (at least for Debian). My day job requires me to work on the RHELdistribution which has very good SELinux policy defined (Same is the case with Fedora). [Read More]
SELinux  Mandatory Access Controls