Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. Hardened
SELinux Gentoo/Hardened amd64 VM
swift at gentoo
Jul 1, 2012, 7:44 AM
Post #1 of 3 (1174 views)
Permalink
Hi guys,

I'm working on having SELinux-enabled, Gentoo Hardened VMs available for
people to test things with. If succesfull, I'd also like to see if I can
create some sort of DIY-course on SELinux based on these images (i.e.
documentation based on these VMs with educational questions and tasks for
people to get acquainted with SELinux and Gentoo Hardened).

But first things first. I've uploaded a first version of such a VM to
dev.gentoo.org. For the developers here on the mailinglist, could some of
you please see if the VM works on your (amd64) system(s)? I always start my
VMs with "-cpu kvm64" so I hope they work on all systems where Qemu supports
the kvm64 CPU type, but still, some confirmation would never hurt.

Also, the kernel uses paravirtualization to speed things up and I don't know
how it'll react on other systems.

So, for those willing to help, please fetch a copy from
/space/experimental-local/amd64/qemu-selinux and give my your feedback. I'll
wait for a few (hopefully) succesful runs before I ask infrastructure to
synchronize it with the mirrors to allow users to test it out as well.

The compressed image is about 157Mbyte and expands to about 1.4 Gbyte
(qcow2 format).

Wkr,
Sven Vermeulen
Re: SELinux Gentoo/Hardened amd64 VM [ In reply to ]
prometheanfire at gentoo
Jul 1, 2012, 8:56 AM
Post #2 of 3 (1136 views)
Permalink
On 07/01/2012 09:44 AM, Sven Vermeulen wrote:
> Hi guys,
>
> I'm working on having SELinux-enabled, Gentoo Hardened VMs available for
> people to test things with. If succesfull, I'd also like to see if I can
> create some sort of DIY-course on SELinux based on these images (i.e.
> documentation based on these VMs with educational questions and tasks for
> people to get acquainted with SELinux and Gentoo Hardened).
>
> But first things first. I've uploaded a first version of such a VM to
> dev.gentoo.org. For the developers here on the mailinglist, could some of
> you please see if the VM works on your (amd64) system(s)? I always start my
> VMs with "-cpu kvm64" so I hope they work on all systems where Qemu supports
> the kvm64 CPU type, but still, some confirmation would never hurt.
>
> Also, the kernel uses paravirtualization to speed things up and I don't know
> how it'll react on other systems.
>
> So, for those willing to help, please fetch a copy from
> /space/experimental-local/amd64/qemu-selinux and give my your feedback. I'll
> wait for a few (hopefully) succesful runs before I ask infrastructure to
> synchronize it with the mirrors to allow users to test it out as well.
>
> The compressed image is about 157Mbyte and expands to about 1.4 Gbyte
> (qcow2 format).
>
> Wkr,
> Sven Vermeulen
>
>
What is the full command line you used for this? (qemu-system-x86_64...)

--
-- Matthew Thode (prometheanfire)

Attached Files:

Re: SELinux Gentoo/Hardened amd64 VM [ In reply to ]
swift at gentoo
Jul 1, 2012, 9:36 AM
Post #3 of 3 (1141 views)
Permalink
On Sun, Jul 01, 2012 at 10:56:31AM -0500, Matthew Thode wrote:
> What is the full command line you used for this? (qemu-system-x86_64...)

The one I use is the following:

qemu-system-x86_64 --enable-kvm -gdb tcp::1239 -vnc 127.0.0.1:5 -net
nic,model=virtio,macaddr=00:11:22:33:44:b1,vlan=0 -net vde,vlan=0 -drive
file=/srv/virt/gentoo/test.img,if=virtio,cache=writeback,boot=on -usb
-usbdevice tablet -smp 4 -cpu kvm64 -k nl-be -m 1536

I'd like to know which things in the commandline are mandatory (so that I
can create proper documentation) and which not. Which reminds me to reset
the keyboard on the images as I'm using a non-standard layout...

Wkr,
Sven Vermeulen

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal