openSUSE Linux<p><a href="https://fosstodon.org/tags/Leap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Leap</span></a> 16.0 now defaults to <a href="https://fosstodon.org/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a>, <a href="https://fosstodon.org/tags/Myrlyn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Myrlyn</span></a> + <a href="https://fosstodon.org/tags/Cockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cockpit</span></a> step in for <a href="https://fosstodon.org/tags/YaST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YaST</span></a>, & <a href="https://fosstodon.org/tags/zypper" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zypper</span></a> has parallel <a href="https://fosstodon.org/tags/repo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>repo</span></a> downloads. <a href="https://fosstodon.org/tags/Xfce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Xfce</span></a> users on <a href="https://fosstodon.org/tags/Wayland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wayland</span></a> can enjoy greetd/gtkgreet instead of <a href="https://fosstodon.org/tags/LightDM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LightDM</span></a>—ideal for modern minimalists. <a href="https://news.opensuse.org/2025/08/04/leap-16-rc/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/08/04/l</span><span class="invisible">eap-16-rc/</span></a></p>
mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.
Administered by:
Server stats:
8.1Kactive users
mastodon.world: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#selinux
2 posts · 2 participants · 0 posts today
seungjin<p>SElinux policy for your /var/swap and /var/swap/swapfile: <br>```<br>sudo semanage fcontext -a -t var_t '/var/swap'<br>sudo restorecon -rv /var/swap<br>sudo semanage fcontext -a -t swapfile_t '/var/swap/swapfile'<br>sudo restorecon -rv /var/swap/swapfile<br>```<br><a href="https://mstd.seungjin.net/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mstd.seungjin.net/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Jan Wildeboer 😷:krulorange:<p>Welcome to the family, OpenSUSE Leap! Finally :) The 16.0 Release Candidate makes it official. <a href="https://social.wildeboer.net/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> becomes the default.</p><p><a href="https://news.opensuse.org/2025/08/04/leap-16-rc/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/08/04/l</span><span class="invisible">eap-16-rc/</span></a></p>
rvstaveren<p>That time of year that you are poking around again with</p><p>sudo ausearch -m avc -ts today | audit2why</p><p>And</p><p>sudo ausearch -m avc -ts recent | audit2why</p><p>To see if you had solved the problem </p><p><a href="https://mastodon.online/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Paul Moore<p>Highlights from the LSM, SELinux, and audit PRs that were merged into Linus' tree during the Linux v6.17 merge window.</p><p><a href="https://paul-moore.com/blog/d/2025/07/linux_v617_merge_window.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">paul-moore.com/blog/d/2025/07/</span><span class="invisible">linux_v617_merge_window.html</span></a></p><p><a href="https://hachyderm.io/tags/lsm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lsm</span></a> <a href="https://hachyderm.io/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a> <a href="https://hachyderm.io/tags/audit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>audit</span></a></p>
Nicola Fioretti :gnu: :linux:<p>🚀 :linux: Linux 6.16 è qui!<br>Principali novità: <a href="https://mastodon.uno/tags/OpenVPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenVPN</span></a> DCO, TCP Zero-Copy da DMABUF, Paginazione a cinque livelli universale, Ottimizzazioni Filesystem <a href="https://mastodon.uno/tags/Ext4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ext4</span></a> e <a href="https://mastodon.uno/tags/xfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xfs</span></a> miglioramenti per processori Intel e USB Audio Offload, supporto Hardware esteso, supporto per Apple Magic Mouse 2 e tanto altro!<br>Miglioramenti nella gestione dei coredump e aggiornamenti a <a href="https://mastodon.uno/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a> <br>Continua l'espansione dei driver basati su <a href="https://mastodon.uno/tags/Rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rust</span></a> </p><p><a href="https://mastodon.uno/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.uno/tags/Kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernel</span></a> <a href="https://mastodon.uno/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p><p><a href="https://linuxiac.com/linux-kernel-6-16-released-this-is-whats-new/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">linuxiac.com/linux-kernel-6-16</span><span class="invisible">-released-this-is-whats-new/</span></a></p>
LeatherSlave 🏳️🌈🖤🔐<p><a href="https://lsbt.me/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> und <a href="https://lsbt.me/tags/Gentoo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gentoo</span></a>:</p><p>Der Befehl "/var/log/audit/audit.log | grep denied" gibt mir einige Zeilen auf tty1 aus.</p><p>Welche hilfreichen Seiten im Netz gibt es, um zu erfahren wie <a href="https://lsbt.me/tags/Gentoo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gentoo</span></a> entsprechend konfiguriert werden sollte, damit dies auch mit <a href="https://lsbt.me/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> lauffähig und vor allem sicher bleibt?</p><p>Über Tipps freue ich mich.</p><p><a href="https://lsbt.me/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://lsbt.me/tags/GentooLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GentooLinux</span></a></p>
9Lukas5 🚂 🐧Fedora SELinux
dominick<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mihamarkic" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mihamarkic</span></a></span> There is an SELinux support channel on irc.libera.chat <a href="https://fosstodon.org/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Miha Markič<p>Any expert on <a href="https://mastodon.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a> over here? I need to create a custom (file) type and a custom domain, make type accessible only from said domain.</p>
Petr Lautrbach<p>3.9 SELinux Userspace release is out</p><p><a href="https://lore.kernel.org/selinux/878qkomlkw.fsf@redhat.com/T/#u" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lore.kernel.org/selinux/878qko</span><span class="invisible">mlkw.fsf@redhat.com/T/#u</span></a></p><p><a href="https://hostux.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Tris<p>If there's any job opening related to <a href="https://chaos.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a>, let me know :) </p><p><a href="https://chaos.social/tags/getfedihired" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>getfedihired</span></a> <a href="https://chaos.social/tags/redhat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhat</span></a></p>
🚀 Несерьёзный Выдумщик 👨🔬<p>Хорошая и <a href="https://habr.com/ru/articles/541190/" rel="nofollow noopener" target="_blank">годная статья</a> про безопасность <a href="https://shitpost.poridge.club/tags/Android" rel="nofollow noopener" target="_blank">#Android</a><span> устройств с разблокированным загрузчиком.<br>Детально и подробно, с разных сторон разобран процесс загрузки Android-систем нескольких версий, включая </span><a href="https://shitpost.poridge.club/tags/LineageOS" rel="nofollow noopener" target="_blank">#LineageOS</a><span> и виды сборок прошивок.<br>Рассмотрен подход к работе </span><a href="https://shitpost.poridge.club/tags/Magisk" rel="nofollow noopener" target="_blank">#Magisk</a> и варианты получения root'а разными средствами с учётом контекстов <a href="https://shitpost.poridge.club/tags/SELinux" rel="nofollow noopener" target="_blank">#SELinux</a>, а так же работа через <a href="https://shitpost.poridge.club/tags/adb" rel="nofollow noopener" target="_blank">#adb</a><span> (в каких случаях имеет root'привелегии).<br>Статья большая, но полезная с точки зрения «получить представление» без упрощений, а с техническими деталями.<br><br>TL;DR<br>Глупо выключать устройство, когда остаётся без присмотра, а описываемый сценарий не касается уже работающего (загруженного полностью, включённого) девайса. Если же устройство неожиданно оказалось выключенным, то нельзя включать и вводить пин\пароль. Сперва надо проверить содержимое разделов (на тот или иной вариант «нагрузки»). Т.е. включать через </span><code>fastboot</code>, прошивать заново рекавери (<a href="https://shitpost.poridge.club/tags/TWRP" rel="nofollow noopener" target="_blank">#TWRP</a> или <a href="https://shitpost.poridge.club/tags/OrangeFox" rel="nofollow noopener" target="_blank">#OrangeFox</a><span>) и прошерстить\восстановить разделы.<br><br>Очень наглядно видно зачем в ОС нужны такие вещи как mandatory access control (MAC):<br>• </span><a href="https://shitpost.poridge.club/tags/SELinux" rel="nofollow noopener" target="_blank">#SELinux</a><span> (авторство АНБ США),<br>• </span><a href="https://shitpost.poridge.club/tags/AppArmor" rel="nofollow noopener" target="_blank">#AppArmor</a><span> (via Novell & Immunix),<br>• российский аналог в AstraLinux.<br><br>На статью навёл </span><a href="https://social.openhood.ru/@sun_rise" class="u-url mention" rel="nofollow noopener" target="_blank">@sun_rise@social.openhood.ru</a><span> <br><br></span><a href="https://shitpost.poridge.club/tags/AndroidSecurity" rel="nofollow noopener" target="_blank">#AndroidSecurity</a> <a href="https://shitpost.poridge.club/tags/MAC" rel="nofollow noopener" target="_blank">#MAC</a> <a href="https://shitpost.poridge.club/tags/security" rel="nofollow noopener" target="_blank">#security</a> <a href="https://shitpost.poridge.club/tags/privacy" rel="nofollow noopener" target="_blank">#privacy</a><span><br></span><a href="https://mastodon.social/@russian_mastodon" class="u-url mention" rel="nofollow noopener" target="_blank">@russian_mastodon@mastodon.social</a> <a href="https://3zi.ru/@Russia" class="u-url mention" rel="nofollow noopener" target="_blank">@Russia@3zi.ru</a> <a href="https://social.sley.nl/@rur" class="u-url mention" rel="nofollow noopener" target="_blank">@rur@social.sley.nl</a></p>
Nate Metzger<p>0 days since it was <a href="https://mastodon.alphapuggle.dev/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Patrick Wu :neocat_flag_bi:<p><span>spend way too much time on properly configure Waydroid on Linux... had to setup additional SELinux module and some special settings for GPU (Fuck You nVidia)<br><br></span><a href="https://hatoya.cafe/tags/linux" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://hatoya.cafe/tags/selinux" rel="nofollow noopener" target="_blank">#selinux</a> <a href="https://hatoya.cafe/tags/fedora" rel="nofollow noopener" target="_blank">#fedora</a> <a href="https://hatoya.cafe/tags/nvidia" rel="nofollow noopener" target="_blank">#nvidia</a> <a href="https://hatoya.cafe/tags/waydroid" rel="nofollow noopener" target="_blank">#waydroid</a> <a href="https://hatoya.cafe/tags/android" rel="nofollow noopener" target="_blank">#android</a></p>
openSUSE Linux<p>Find out what happened in this <a href="https://fosstodon.org/tags/oSC25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oSC25</span></a> talk about the switch of <a href="https://fosstodon.org/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> as the default MAC system in <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openSUSE</span></a> Tumbleweed, This talk will explore the shift from <a href="https://fosstodon.org/tags/AppArmor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppArmor</span></a> and the lessons learned. A must-watch for those following system security! 🐧 <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openSUSE</span></a> <a href="https://youtu.be/8wBLbhSjDwE?si=1fOBIHkq1KkU5ynV" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">youtu.be/8wBLbhSjDwE?si=1fOBIH</span><span class="invisible">kq1KkU5ynV</span></a></p>
Kai 🇪🇺<p>And now for the good part. <a href="https://norden.social/tags/opensuse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensuse</span></a> <a href="https://norden.social/tags/oSC25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oSC25</span></a> <a href="https://norden.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a></p>
Habr<p>[Перевод] Защита Debian путём внедрения обязательного контроля доступа через SELinux для максимальной безопасности системы</p><p>В эпоху, когда киберугрозы быстро эволюционируют, обеспечение безопасности систем Linux выходит далеко за рамки базовых разрешений пользователей. Традиционные механизмы безопасности вроде дискреционного управления доступом (DAC) обеспечивают ограниченную защиту от эскалации привилегий, скомпрометированных приложений и внутренних угроз. Для устранения этих ограничений Security‑Enhanced Linux (SELinux) предлагает мощную и детализированную систему мандатного управления доступом (MAC) — и теперь не только для дистрибутивов на базе Red Hat. В этой статье расскажу, как интегрировать SELinux в Debian. Разберу его архитектуру, процедуры настройки, управление политиками и методы устранения неполадок. Неважно, управляете ли вы критически важным сервером или хотите усилить защиту рабочей станции, — это руководство покажет, как SELinux может поднять безопасность системы до корпоративных стандартов.</p><p><a href="https://habr.com/ru/companies/cloud4y/articles/920600/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">habr.com/ru/companies/cloud4y/</span><span class="invisible">articles/920600/</span></a></p><p><a href="https://zhub.link/tags/SELinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SELinux</span></a> <a href="https://zhub.link/tags/debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>debian</span></a> <a href="https://zhub.link/tags/%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>безопасность</span></a></p>
linux[Перевод] Защита Debian путём внедрения обязательного контроля доступа через SELinux для максимальной безопаснос...<br><br><a rel="nofollow noopener" class="mention hashtag" href="https://mastodon.social/tags/SELinux" target="_blank">#SELinux</a> <a rel="nofollow noopener" class="mention hashtag" href="https://mastodon.social/tags/debian" target="_blank">#debian</a> <a rel="nofollow noopener" class="mention hashtag" href="https://mastodon.social/tags/безопасность" target="_blank">#безопасность</a><br><br><a href="https://habr.com/ru/companies/cloud4y/articles/920600/?utm_source=habrahabr&utm_medium=rss&utm_campaign=920600" rel="nofollow noopener" target="_blank">Origin</a> | <a href="https://awakari.com/sub-details.html?id=linux" rel="nofollow noopener" target="_blank">Interest</a> | <a href="https://awakari.com/pub-msg.html?id=TQPjEMKyJOHdbZrOg9uuOOCHlOy&interestId=linux" rel="nofollow noopener" target="_blank">Match</a>
Geekland<p>¿Qué es SELinux, qué función cumple y por qué es importante para Linux? <a href="https://mastodon.social/tags/distros" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>distros</span></a> <a href="https://mastodon.social/tags/control_de_acceso" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>control_de_acceso</span></a> <a href="https://mastodon.social/tags/fedora" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fedora</span></a> <a href="https://mastodon.social/tags/pol%C3%ADticas_de_seguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>políticas_de_seguridad</span></a> <a href="https://mastodon.social/tags/red_hat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>red_hat</span></a> <a href="https://mastodon.social/tags/rhel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rhel</span></a> <a href="https://mastodon.social/tags/seguridad_linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>seguridad_linux</span></a> <a href="https://mastodon.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a><br><a href="https://notilinux.com/que-es-selinux-y-que-funcion-cumple/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">notilinux.com/que-es-selinux-y</span><span class="invisible">-que-funcion-cumple/</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload