I’ve been preparing SELinux backports for Debian sarge today for a public release. I’ve been running them on a couple of servers for quite some time already, but I decided to fully document what I did as well as uploading them to a publicly accessible location:

Debian sarge SELinux backports

Note that you still need a policy (e.g. the selinux-policy-default package from unstable, a CVS checkout from the NSA repository on sourceforge or the new reference policy being heavily worked upon) as well as a SELinux capable kernel (e.g. the latest 2.6.14 packages from unstable)

Note that alioth is a rather “public” box, so if you don’t trust it (or me)

  • grab the sources from a location you trust, grab the Debian .diff and mine and do an interdiff. The interdiff should be really easy to verify at least.

Also check out the Backporting HOWTO I wrote documenting my efforts.

I hope I’ll be able to bring you detailed installation instructions sometime soon. Until then I can point you to some SElinux setup notes in the Debian wiki. My cron and init packages do have the “bad” stuff disabled when SElinux is enabled.