Replacing selinux policy

Make a backup and set the security context:

[root@surrey policy]# mv /etc/selinux/targeted/policy/policy.18 /etc/selinux/targeted/policy/policy.18.orig
[root@surrey policy]# cp new/policy.18 /etc/selinux/targeted/policy/
[root@surrey policy]# chcon system_u:object_r:policy_config_t /etc/selinux/targeted/policy/policy.18
[root@surrey policy]# /usr/sbin/setfiles -q -c /etc/selinux/targeted/policy/policy.18
/etc/selinux/targeted/contexts/files/file_contexts
[root@surrey policy]# load_policy /etc/selinux/targeted/policy/policy.18

Check that the policy was uploaded:

[root@surrey policy]# tail -100 /var/log/messages |grep security
Dec� 6 11:39:49 surrey kernel: audit(1133887189.765:3): avc:� granted� { load_policy } for� pid=4407
comm="load_policy" scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t
tclass=security
Dec� 6 11:39:49 surrey kernel: security:� 3 users, 4 roles, 349 types, 25 bools
Dec� 6 11:39:49 surrey kernel: security:� 55 classes, 18748 rules

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

About the Author...

Slides from LISA 2019 Linux systems troubleshooting #LISA2019 https://t.co/D4dMKflK6R Tue Oct 29 05:59:30 +0000 2019

https://t.co/AGeihMALAv configuring grub2 with EFI Fri Sep 13 05:20:01 +0000 2019

I published a Thing on @thingiverse! https://t.co/IYpRyEb7Hz #thingalert Tue Jul 23 19:27:57 +0000 2019

Nokogiri install on MacOSX https://t.co/v3An0miW9L Fri Jul 12 15:06:49 +0000 2019

HTML email with plain mailer plugin on Jenkins https://t.co/Z6FSDMDjy8 Thu Jul 11 21:07:25 +0000 2019