generate_selinux_policy
Generate SELinux policy
Tested on CentOS 7, Fedora 24
- Install policycoreutils-python
yum install policycoreutils-python
- Create policy from audit log.
cp /var/log/audit/audit.log /var/tmp cd /var/tmp audit2allow -M wfica < audit.log
- Follow on screen directions.
If you need to edit the policy file
- Edit the .te file.
- Recompile and load the module. For example:
checkmodule -M -m -o wfica.mod wfica.te semodule_package -o wfica.pp -m wfica.mod semodule -i wfica.pp
generate_selinux_policy.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1