On 04/19/2016 09:36 PM, amir sheng wrote:

I installed SElinux on Fedora 23 and the only policy that I can see is available is in directory /etc/selinux/targeted/ so I can just load this policy in Apol. By using Fedora 23 Terminal to install policies (i.e, dnf install selinux-policy-*******) there are other different policies to install whose names are:

It's quite common that a project in Fedora is distributed as several sub-packages.

(1) "selinux-policy-3.13.1.fc23.noarch"

This is a base package with infrastructure needed for other packages.

(2)"selinux-policy-devel-3.13.1-152.fc23.noarch"

Files needed for SELinux policy development - Makefiles, files with interfaces, ...

(3)"selinux-policy-doc-3.13.1-152.fc23.noarch"

Man pages and other documentation.

(4)"selinux-policy-minimum-3.13.1-152.fc23.noarch"

SELinux policy with minimum types defined.

(5)"selinux-policy-mls-3.13.1-158.11.fc23.noarch"

MLS SELinux policy - /etc/selinux/mls and /var/lib/selinux/mls

(6)"selinux--policy-sandbox-3.13.1-152.fc23.noarch"

SELinux sandbox module

(7)" selinux-policy-targeted-3.13.1-158.11.fc23.noarch"

The default targeted policy

What is the difference between this policies(specially between(1) and (7))? I found out some of them are already installed in my system. Where are the other policy's file that I can load to Apol and analyse them.? What are the differences?

You can find more information about packages using 'rpm -qi <package>' or list files 'rpm -ql <package>'

Petr