Hi,
I am about to start SELinux learning and development. I have a stock Cento 7.1 install and I am curious what''s difference between the following two:
1. Enable SElinux and setenforce 1 on the stock install
vs.
2. Build a reference policy RPM and install it on the box. Then do step 1 as above.
Are there any differences in terms of ref policy? Would step 1 also have the ref policy enabled by default too?
Thanks.
David
Hi, yes, there are differences. It is about upstream refpolicy and Centos distro SELinux policy based on RHEL/Fedora policy. See
https://github.com/fedora-selinux/selinux-policy/wiki
and
https://github.com/TresysTechnology/refpolicy
for more details.
Regards, Miroslav
Hello,
On 12/08/2015 09:31 AM, mgrepl@redhat.com wrote:
Hi, yes, there are differences. It is about upstream refpolicy and Centos distro SELinux policy based on RHEL/Fedora policy. See
Basically, fedora SELinux policy is more suited for Fedora and RHEL distro.
and
https://github.com/TresysTechnology/refpolicy
for more details.
Regards, Miroslav -- selinux mailing list selinux@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/selinux@lists.fedoraproject.org
selinux@lists.fedoraproject.org