generate_selinux_policy
This is an old revision of the document!
Generate SELinux policy
Tested on CentOS 7, Fedora 24
- Install policycoreutils-python
yum install policycoreutils-python
- Create policy from audit log.
cp /var/log/audit/audit.log /var/tmp cd /var/tmp audit2allow -M rsync < audit.log
- Follow on screen directions.
If you need to edit the policy file
- Edit the .te file.
- Recompile and load the module. For example:
checkmodule -M -m -o wfica.mod wfica.te semodule_package -o wfica.pp -m wfica.mod semodule -i wfica.pp
generate_selinux_policy.1466516719.txt.gz · Last modified: 2016/06/21 13:45 by admin