About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Documentation / security / SELinux.txt


Based on kernel version 4.10.8. Page generated on 2017-04-01 14:44 EST.

1	If you want to use SELinux, chances are you will want
2	to use the distro-provided policies, or install the
3	latest reference policy release from
4		http://oss.tresys.com/projects/refpolicy
5	
6	However, if you want to install a dummy policy for
7	testing, you can do using 'mdp' provided under
8	scripts/selinux.  Note that this requires the selinux
9	userspace to be installed - in particular you will
10	need checkpolicy to compile a kernel, and setfiles and
11	fixfiles to label the filesystem.
12	
13		1. Compile the kernel with selinux enabled.
14		2. Type 'make' to compile mdp.
15		3. Make sure that you are not running with
16		   SELinux enabled and a real policy.  If
17		   you are, reboot with selinux disabled
18		   before continuing.
19		4. Run install_policy.sh:
20			cd scripts/selinux
21			sh install_policy.sh
22	
23	Step 4 will create a new dummy policy valid for your
24	kernel, with a single selinux user, role, and type.
25	It will compile the policy, will set your SELINUXTYPE to
26	dummy in /etc/selinux/config, install the compiled policy
27	as 'dummy', and relabel your filesystem.
Hide Line Numbers


About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog