Are there any SELinux tools available for Cygwin?

Warren Young warren@etr-usa.com
Mon Jun 2 18:08:00 GMT 2014 

On 5/31/2014 12:33, PolarStorm wrote:
> I'd like to
> refrain from having to run long remote sessions on each machine while
> experimentally editing all the various policy files. Downloading all files
> in
> one go and doing analysis and editing locally, is why I wanted to do this
> on Cygwin.

How is that easier?  You have to test each experimental edit, and that 
requires a Linux kernel running SELinux.  Cygwin is not a Linux kernel.

Personally, if I were still experimenting, I'd spin up a VM configured 
like the system I intended to modify, do my work on it, then ship a 
completed policy set to the remote system.  Linux VM how-tos are 
off-topic here, though.

> Another
> point is that there seem to exist ~3 different "flavors" of SELinux
> implementations,

What point are you making here, exactly?  Do you want Cygwin to emulate 
one of them, or all of them, or none of them?

I think all three choices are doomed, each for a different reason.

> As the next generation (>=KitKat) of Android mobile devices will all be
> distributed with SEAndroid in Enforced mode, by default. These tools
> will be exponentially of more interest to developers, as local editing
> on mobile devices are either crippled, poorly implemented and tested,
> or extremely inconvenient.

That's why the Android SDK includes an emulator, which is a VM, just as 
I described above.

Are you aware that some of the text editors ported to Cygwin can edit a 
file over SSH?  For instance, vim:

    vim scp://user@remotehost:password/path/to/file

The edit proceeds at local speeds.  A save takes a remote file upload, 
but you had to do that anyway.

> I was hoping someone else would
> have been interested enough to have tried to build these.

You aren't going to find SystemTap or iptables tools for Cygwin, either? 
  Why?  Same reason: you need a running Linux kernel to make any use of 
them, and Cygwin is not a Linux kernel.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list