Ask Your Question
0

Documentation of SELinux CIL compiler

asked 2017-08-20 01:55:16 -0600

Are there any proper documentation for using selinux CIL compiler in fedora for NOOBS ? To install compiler, write custom policy and find out difference in policy loading etc.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2017-08-20 04:44:24 -0600

villykruse gravatar image

Maybe this is not for "noob"s.

You can download and install the documentation for secilc:

dnf install secilc-doc

and then open the the file /usr/share/doc/secilc-doc/html/CIL_Reference_Guide.html with your browser. This, however, is a lot of read with a lot of details.

A better starting point may be the wiki fir the CIL project: https://github.com/SELinuxProject/cil/wiki

By the way, you can convert a .te file generated by audit2allow to cil format

checkmodule -C -m -o "$module".cil "$module".te

and the .cil file can be installed directly instead of the .pp file.

semodule -i "$module".cil

That may be handy if you modify the .te file with an editor. You can also modify the .cil file with an editor.

edit flag offensive delete link more

Question Tools

1 follower

Stats

Asked: 2017-08-20 01:55:16 -0600

Seen: 173 times

Last updated: Aug 20 '17