From: guido@trentalancia.net (Guido Trentalancia) Date: Sat, 29 Oct 2016 23:22:37 +0200 Subject: [refpolicy] I want to use refpolicy in centos 7 In-Reply-To: <8dde386aff5e14f9d20bb3ec592cbea@cvwapp03.nm.nhnsystem.com> References: <8dde386aff5e14f9d20bb3ec592cbea@cvwapp03.nm.nhnsystem.com> Message-ID: <1477776157.2484.3.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Hello again. On Thu, 27/10/2016 at 17.21 +0900, ??? via refpolicy wrote: > I install centos7 and use targeted policy > > But i want to use refpolicy for modifying policy so i did?download > using?following steps > 1. #git clone https://github.com/TresysTechnology/refpolicy.git > > 2.?#cd refpolicy > 3. #git submodule init > 4. #git submodule update > 5. Change build.conf file > Type=mls > NAME = refpolicy > MONOLITHIC = y > 6. #make install-src Also, remember the correct sequence is: # (make conf) # make install-src # make policy # make install # make load in the Reference Policy directory. > 7. cd /etc/selinux/refpolicy/src/policy/ > 8. #Make load I think step 7 is wrong. > 9. #Cd /etc/selinux and?Change config file > SELINUX = permissive > SELINUXTYPE = refpolicy > 10. #touch /.autorelabel You can also relabel from the Reference Policy directory by issuing: # make relabel after you have installed the new policy. > 11. #Reboot > > After desktop is rebooted > 12. #setenforce 1 > 13. ...... permission deny > 14. #Sestatus > .... > Loaded policy name: targeted ???(refolicy -> targeted) > Current mode : enforcing > .... > Mode from config file : error (permission denied)??? > > What shuoud i do? > Helps me...?