Re: Can I change default policy from targeted to minimum

Lukas Vrabec <lvrabec@xxxxxxxxxx> · Mon, 14 Sep 2015 09:55:14 +0200



    Hi! 

    
    On 09/12/2015 11:43 AM, Divya Vyas
      wrote:

    
        I took the extracted content of selinux minimum rpm and put
          in /etc/selinux folder and changed the SELINUXTYPE=minimum .

        
    All you need to do is:

    1. install selinux-policy-minumum

        #dnf install selinux-policy-minimum

    2. change config file (/etc/selinux/config) on line
    'SELINUXTYPE=minimum' 

    3. reboot

    
        Actually when I tried to install minimum policy it gave me
          dependency issues.

        
        Am I missing something?

      
    What dependency issues? 

    
        On Fri, Sep 11, 2015 at 11:03 PM, Simon
          Sekidde <ssekidde@xxxxxxxxxx>
          wrote:

          
              ----- Original Message -----

              > From: "Divya Vyas" <dvyas@xxxxxxxxxx>

              > To: selinux@xxxxxxxxxxxxxxxxxxxxxxx

              > Sent: Friday, September 11, 2015 11:48:22 AM

              > Subject: Fwd: Can I change default policy from
              targeted to minimum

              >

              > Hi,

              >

              > I have mls and targeted policy installed on my
              system. I want to have a

              > minimum policy with all user unconfined and nothing
              restricted.

              >

              > I took a minimum policy from selinux-policy-minium
              noarch rpm and kept in

              > /etc/selinux folder and edit SELINUXTYPE=minimum. Is
              this enough to load a

              > new policy .

              >

              
            By 'took' do you mean installing the rpm and then
            changing the SELINUXTYPE= ?

            If so try booting with the kernel parameter 'enforcing=0'
            and provide the output for `sestatus`

            
                > load_policy

                > SELinux: Could not open policy file <=
                /etc/selinux/minimum/policy/policy.28:

                > No such file or directory

                > load_policy: Can't load policy: No such file or
                directory

                >

                > Getting this error while the policy.28 exists in
                the path.

                >

                > Please guide me to have a minimum unrestricted
                policy.

                >

                >

              
            > --

                > selinux mailing list

                > selinux@xxxxxxxxxxxxxxxxxxxxxxx

                > https://admin.fedoraproject.org/mailman/listinfo/selinux

                
                --

                Simon Sekidde * Red Hat, Inc. * Westford, MA

                gpg: 5848 958E 73BA 04D3 7C06 F096 1BA1 2DBF 94BC 377E

                
      --
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
    
    
    -- 
Lukas Vrabec
SELinux Solutions
Red Hat, Inc.
  

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux