1 |
On Saturday, 26 September 2020 17:41:06 BST Dan Egli wrote: |
2 |
> Questions regarding SELinux. Two of them actually. First is how the HECK |
3 |
> to I get it enabled!? I compiled my kernel to support it, and I do not |
4 |
> have the disabling line in my boot config. But after rebooting to the |
5 |
> new kernel, getenforce says disabled. So why is it disabled and how do I |
6 |
> enable it? |
7 |
|
8 |
There are a number of steps you need to follow to configure a selinux kernel |
9 |
and utilities. Have you walked through these guides? |
10 |
|
11 |
https://wiki.gentoo.org/wiki/SELinux |
12 |
|
13 |
In particular, the Installation guide? |
14 |
|
15 |
https://wiki.gentoo.org/wiki/SELinux/Installation |
16 |
|
17 |
|
18 |
> Next, whenever I try to install a SELinux policy that portage missed |
19 |
> during it's install (not many, but a couple) I get an error. I've |
20 |
> already created a bug on this |
21 |
> (https://bugs.gentoo.org/show_bug.cgi?id=744736), but I was wondering if |
22 |
> anyone on the list had any ideas as to what's wrong. |
23 |
> |
24 |
> |
25 |
> Thanks! |
26 |
|
27 |
In the first instance set 'SELINUX=permissive' in the selinux config and see |
28 |
if it works as expected. Address any errors/warnings and then try switching |
29 |
to enforcing. |