SystemTap in Debian

The latest kernel upload (2.6.32-16) brings goodies to SystemTap in Debian. This version has added support for kprobes, on which systemtap has a major dependency, for many of its features.

Most of the systemtap instrumentation should work now and all of this will be part of the Squeeze release. Instrumenting the kernel modules still needs some work (DBTS: #555549) but can be done.

tomoyo for debian

Just uploaded tomoyo-tools and is waiting in the NEW queue. Thanks to Moritz Muehlenhoff, tomoyo kernel support should be available in Debian with kernel 2.6.32-13 and above. What is Tomoyo ? Description: Lightweight and easy-use Mandatory Access Control for Linux TOMOYO Linux is Lightweight and Usable Mandatory Access Control with - “automatic policy configuring” feature by “LEARNING mode” - administrators friendly policy language - no need libselinux nor userland program modifications [Read More]

SELinux in Debian

Thanks to Pierre Chifflier , Debian now has setroubleshoot packaged. The good thing about setroubleshoot is that it gives you a very user friendly message about the SELinux violations that occur on your box while you were doing something. Now that something is very difficult to define (at least for Debian). My day job requires me to work on the RHELdistribution which has very good SELinux policy defined (Same is the case with Fedora). [Read More]