This document shows how to install SELinux Policy Editor.
#yum install seedit-guiIf you do not want GUI, type following.
#yum install seedit-policyNext, initialize SEEdit and reboot.
# /usr/sbin/seedit-init # reboot/usr/bin/seedit-init is command that will prepare system to use seedit. It edits /etc/selinux/config, initialize policy , launch auditd service, etc.
# yum install checkpolicy audit
http://seedit.sourceforge.net/download.htmlIf you do not have X Window System, you do not need seedit-gui package.
$ su # rpm -ivh seedit-*.rpm # /usr/sbin/seedit-init # reboot/usr/bin/seedit-init is command that will prepare system to use seedit. It edits /etc/selinux/config, initialize policy , launch auditd service, etc.
# setfiles /etc/selinux/seedit/contexts/files/file_contexts / -F -vv # reboot
# sestatus SELinux status: enabled Current mode: permissive Mode from config file: permissive ... Policy from config file: seedit
Policy used in seedit is seedit.
/etc/seedit/policy, simplified policy is installed, we edit it.
And it is converted to usual SELinux Policy, and installed under /etc/selinux/seedit.
Note that simplified policy is installed as permissive mode. In permissive mode, SELinux is not protecting your system. It is only a test mode. To be a enforcing mode, see .
To make sure seedit is installed, go to section 3.
SELINUX=permissive SELINUXTYPE=seeditOur system does not interfere with other existing system components except that.
# rpm -e seedit-policy seedit seedit-gui # rebootYou system will restart as SELinux targeted policy(Fedora Core5 default) and permissive mode(SELinux is effectively disabled).
If you are using X Window System, from Gnome menu, . Choose Application System Tool SELinux Policy Editor, or type seedit-gui from Gnome terminal. You will see window like 1.
Then select Status, you will see 2.
From command line, if result of sestatus shows following, installation is successful.
# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive ... Policy from config file: seedit
Next, see SELinux Policy Editor Administration Guide.
This document was generated using the LaTeX2HTML translator Version 2002-2-1 (1.71)
Copyright © 1993, 1994, 1995, 1996,
Computer Based Learning Unit, University of Leeds.
Copyright © 1997, 1998, 1999, Ross Moore, Mathematics Department, Macquarie University, Sydney.
The command line arguments were:
latex2html -local_icons -show_section_numbers -link 2 -split +0 install.tex
The translation was initiated by Yuichi Nakamura on 2007-02-13