SELinux

If you want to use SELinux, chances are you will want to use the distro-provided policies, or install the latest reference policy release from

However, if you want to install a dummy policy for testing, you can do using mdp provided under scripts/selinux. Note that this requires the selinux userspace to be installed - in particular you will need checkpolicy to compile a kernel, and setfiles and fixfiles to label the filesystem.

  1. Compile the kernel with selinux enabled.

  2. Type make to compile mdp.

  3. Make sure that you are not running with SELinux enabled and a real policy. If you are, reboot with selinux disabled before continuing.

  4. Run install_policy.sh:

    cd scripts/selinux
    sh install_policy.sh
    

Step 4 will create a new dummy policy valid for your kernel, with a single selinux user, role, and type. It will compile the policy, will set your SELINUXTYPE to dummy in /etc/selinux/config, install the compiled policy as dummy, and relabel your filesystem.