blob: 07eae00f3314a2c9e82507e9e62e6fd8f7669952 [file] [log] [blame]
Kyle Swenson8d8f6542021-03-15 11:02:55 -06001If you want to use SELinux, chances are you will want
2to use the distro-provided policies, or install the
3latest reference policy release from
4 http://oss.tresys.com/projects/refpolicy
5
6However, if you want to install a dummy policy for
7testing, you can do using 'mdp' provided under
8scripts/selinux. Note that this requires the selinux
9userspace to be installed - in particular you will
10need checkpolicy to compile a kernel, and setfiles and
11fixfiles to label the filesystem.
12
13 1. Compile the kernel with selinux enabled.
14 2. Type 'make' to compile mdp.
15 3. Make sure that you are not running with
16 SELinux enabled and a real policy. If
17 you are, reboot with selinux disabled
18 before continuing.
19 4. Run install_policy.sh:
20 cd scripts/selinux
21 sh install_policy.sh
22
23Step 4 will create a new dummy policy valid for your
24kernel, with a single selinux user, role, and type.
25It will compile the policy, will set your SELINUXTYPE to
26dummy in /etc/selinux/config, install the compiled policy
27as 'dummy', and relabel your filesystem.