distributing custom policy

Security News wakesec at gmail.com
Wed Jun 15 18:27:48 UTC 2005

Anyone have any thoughts on the best way to install my own policy
files on a few machines.

I have to go out and find a way to install a policy file, install my
own file_context files, and then compile and load the new custom
policy and fc files.

These systems would be running standard FC3 with the targetted policy,
but without the targetted sources.

I would like to set them all up so that they then have my own version
of the strict policy, without having the source files installed.

Is rpm the best way to attack this or are there better options out
there?  As I see it I would have to include the
policy-strict-<version>.rpm as well as setools-<version>.rpm within my
own rpm file in order to load everything necessary to load the policy
and relabel the filesystem.

More information about the fedora-selinux-list mailing list