SELinux building module

From Integrics Wiki
Jump to: navigation, search

To check for SELinux audit entries: 

audit2allow -a -b

To turn SELinux audit entries into a new SELinux module: 

audit2allow -a -b -M enswitch

To compile the SELinux module for Enswitch: 

cd /opt/enswitch/current/etc/selinux
checkmodule -M -m -o enswitch.mod enswitch.te
semodule_package -o enswitch.pp -m enswitch.mod
semodule -i enswitch.pp
rm enswitch.mod

To check the SELinux module for Enswitch is installed: 

semodule -l | grep enswitch

To remove the installed SELinux module for Enswitch: 

semodule -r enswitch
Retrieved from ‘http://wiki.integrics.com/index.php?title=SELinux_building_module&oldid=378