Creating SELinux policies
In some cases, you'll need to create a new SELinux policy—for instance, when installing a piece of software from source. Although I do not recommend installing software from source on enterprise systems, this is sometimes your only option for company-developed software.
It is then time to create your own SELinux policy.
Getting ready
For this recipe, you need to have policycoreutils-python installed.
How to do it…
We'll use the denied entries in the audit.log log file to build our SELinux policy with audit2allow.
In this recipe, we'll use the same example as in the previous recipe: the SELinux context of /var/www/html/index.html that is changed to system_u:object_r:user_home_t:s0. Perform the following steps:
- First, create a ...
Get Red Hat Enterprise Linux Server Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
