SELinux building module

From Integrics Wiki
Revision as of 04:29, 29 August 2025 by Dcunningham (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

To check for SELinux audit entries: 

audit2allow -a -b

To turn SELinux audit entries into a new SELinux module: 

audit2allow -a -b -M enswitch

To compile the SELinux module for Enswitch: 

cd /opt/enswitch/current/etc/selinux
checkmodule -M -m -o enswitch.mod enswitch.te
semodule_package -o enswitch.pp -m enswitch.mod
semodule -i enswitch.pp
rm enswitch.mod

To check the SELinux module for Enswitch is installed: 

semodule -l | grep enswitch

To remove the installed SELinux module for Enswitch: 

semodule -r enswitch

To list the contents of the .pp file: 

/usr/libexec/selinux/hll/pp /opt/enswitch/etc/selinux/enswitch.pp
Retrieved from ‘http://wiki.integrics.com/index.php?title=SELinux_building_module&oldid=395