severity 407691 wishlist
thanks
Hi,
I understand that SELinux and policies are not subjects which
a number of users are used to, but I don't think that educating users
in basic SELinux administration is the job of reference policy postinst
scripts. I'll add something to the README.
May I suggest:
load_policy(8) - load a new policy into the kernel
(belongs to policycoreutils)
load_policy is the tool used to load/replace the policy in the
kernel. By default, load_policy will preserve the current policy
boolean values when loading the policy.
semodule(8) - Manage SELinux policy modules.
(belongs to policycoreutils)
semodule is the tool used to manage SELinux policy modules,
including installing, upgrading, listing and removing modules.
semodule may also be used to force a rebuild of policy from the
module store and/or to force a reload of policy without performing
any other transaction. semodule acts on module packages created by
semodule_package. Convenâtionally, these files have a .pp suffix
(policy package), although this is not mandated in any way.
Also things to read up on are:
SELINUX: NSA's Open Source Security Enhanced Linux --- Bill McCarty
SELinux by example -- Mayer, MacMillan, & Caplan
manoj
--
"My head is bloodied, but unbowed." From the poem "Invictus"
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
