Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1=======
2SELinux
3=======
4
5Information about the SELinux kernel subsystem can be found at the
6following links:
7
8 https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md
9
10 https://github.com/selinuxproject/selinux-kernel/wiki
11
12Information about the SELinux userspace can be found at:
13
14 https://github.com/SELinuxProject/selinux/wiki
15
16If you want to use SELinux, chances are you will want
17to use the distro-provided policies, or install the
18latest reference policy release from
19
20 https://github.com/SELinuxProject/refpolicy
21
22However, if you want to install a dummy policy for
23testing, you can do using ``mdp`` provided under
24scripts/selinux. Note that this requires the selinux
25userspace to be installed - in particular you will
26need checkpolicy to compile a kernel, and setfiles and
27fixfiles to label the filesystem.
28
29 1. Compile the kernel with selinux enabled.
30 2. Type ``make`` to compile ``mdp``.
31 3. Make sure that you are not running with
32 SELinux enabled and a real policy. If
33 you are, reboot with selinux disabled
34 before continuing.
35 4. Run install_policy.sh::
36
37 cd scripts/selinux
38 sh install_policy.sh
39
40Step 4 will create a new dummy policy valid for your
41kernel, with a single selinux user, role, and type.
42It will compile the policy, will set your ``SELINUXTYPE`` to
43``dummy`` in ``/etc/selinux/config``, install the compiled policy
44as ``dummy``, and relabel your filesystem.