mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
17bd3c0166
Add links to the SELinux kernel subsystem README.md file, the SELinux kernel wiki, and the SELinux userspace wiki to the SELinux guide. Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com> [PM: spacing and style corrections, subject tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
44 lines
1.4 KiB
ReStructuredText
44 lines
1.4 KiB
ReStructuredText
=======
|
|
SELinux
|
|
=======
|
|
|
|
Information about the SELinux kernel subsystem can be found at the
|
|
following links:
|
|
|
|
https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md
|
|
|
|
https://github.com/selinuxproject/selinux-kernel/wiki
|
|
|
|
Information about the SELinux userspace can be found at:
|
|
|
|
https://github.com/SELinuxProject/selinux/wiki
|
|
|
|
If you want to use SELinux, chances are you will want
|
|
to use the distro-provided policies, or install the
|
|
latest reference policy release from
|
|
|
|
https://github.com/SELinuxProject/refpolicy
|
|
|
|
However, if you want to install a dummy policy for
|
|
testing, you can do using ``mdp`` provided under
|
|
scripts/selinux. Note that this requires the selinux
|
|
userspace to be installed - in particular you will
|
|
need checkpolicy to compile a kernel, and setfiles and
|
|
fixfiles to label the filesystem.
|
|
|
|
1. Compile the kernel with selinux enabled.
|
|
2. Type ``make`` to compile ``mdp``.
|
|
3. Make sure that you are not running with
|
|
SELinux enabled and a real policy. If
|
|
you are, reboot with selinux disabled
|
|
before continuing.
|
|
4. Run install_policy.sh::
|
|
|
|
cd scripts/selinux
|
|
sh install_policy.sh
|
|
|
|
Step 4 will create a new dummy policy valid for your
|
|
kernel, with a single selinux user, role, and type.
|
|
It will compile the policy, will set your ``SELINUXTYPE`` to
|
|
``dummy`` in ``/etc/selinux/config``, install the compiled policy
|
|
as ``dummy``, and relabel your filesystem.
|