94
Chapter 7. Compiling SELinux Policy
During the compilation, several files and a directory are created or updated. The most
important is
$SELINUX_SRC/policy.conf
. Also in the
$SELINUX_SRC/
directory is
tmp/
, which contains temporary build files, including
load
. This file is a zero byte file that
is used by the
Makefile
to determine the time the policy was last loaded. Finally, the file
$SELINUX_SRC/file_contexts/file_contexts
is created, which is a concatenation of all of
the various file contexts files in the source tree.
At the heart of the compilation is
checkpolicy
. This tool compiles the policy into its binary form,
and can also be used to validate the policy. Policy compilation is best left to the
Makefile
to handle,
but you can gain some insight into any binary policy file using
checkpolicy
:
# By itself, checkpolicy looks for a policy.conf file in the
# current working directory, which might normally be $SELINUX_SRC/.
cd $SELINUX_SRC/
checkpolicy
checkpolicy:
loading policy configuration from policy.conf
security:
3 users, 4 roles, 316 types, 20 bools
security:
53 classes, 9815 rules
checkpolicy:
policy configuration loaded
# You can specify a binary policy file with  b:
checkpolicy  b $SELINUX_POLICY/policy.18
checkpolicy:
loading policy configuration from \
/etc/selinux/targeted/policy/policy.18
security:
3 users, 4 roles, 316 types, 20 bools
security:
53 classes, 9817 rules
checkpolicy:
policy configuration loaded






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

adult web hosting

 

Our partners: PHP: Hypertext Preprocessor Best Web Hosting Java Web Hosting Inexpensive Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Jsp Hosting Cheap Hosting

Visionwebhosting.net Business web hosting division of Web Design Plus. All rights reserved