SELinux.rst (1094B)
1======= 2SELinux 3======= 4 5If you want to use SELinux, chances are you will want 6to use the distro-provided policies, or install the 7latest reference policy release from 8 9 https://github.com/SELinuxProject/refpolicy 10 11However, if you want to install a dummy policy for 12testing, you can do using ``mdp`` provided under 13scripts/selinux. Note that this requires the selinux 14userspace to be installed - in particular you will 15need checkpolicy to compile a kernel, and setfiles and 16fixfiles to label the filesystem. 17 18 1. Compile the kernel with selinux enabled. 19 2. Type ``make`` to compile ``mdp``. 20 3. Make sure that you are not running with 21 SELinux enabled and a real policy. If 22 you are, reboot with selinux disabled 23 before continuing. 24 4. Run install_policy.sh:: 25 26 cd scripts/selinux 27 sh install_policy.sh 28 29Step 4 will create a new dummy policy valid for your 30kernel, with a single selinux user, role, and type. 31It will compile the policy, will set your ``SELINUXTYPE`` to 32``dummy`` in ``/etc/selinux/config``, install the compiled policy 33as ``dummy``, and relabel your filesystem.