mirror of
https://github.com/tommytran732/QubesOS-Scripts
synced 2024-11-24 18:41:33 -05:00
Enable SELinux on Fedora minimal
This commit is contained in:
parent
857fbd5f14
commit
7b8f77e399
10
fedora-minimal/README.md
Normal file
10
fedora-minimal/README.md
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# Enable SELinux
|
||||||
|
|
||||||
|
To enable SELinux, do the following after you have run fedora-minimal.sh:
|
||||||
|
- Shutdown the VM
|
||||||
|
- Run `qvm-features fedora-40-minimal selinux 1`.
|
||||||
|
- Start the minimal vm. Wait for it to shut itself down.
|
||||||
|
- Run `qvm-features fedora-40-minimal selinux 0`.
|
||||||
|
- Turn the VM on, remove `/.autorelabel`.
|
||||||
|
- Turn the VM off.
|
||||||
|
- Run `qvm-features fedora-40-minimal selinux 1`.
|
@ -64,3 +64,7 @@ sudo https_proxy=https://127.0.0.1:8082 dnf copr enable secureblue/hardened_mall
|
|||||||
sudo dnf install -y hardened_malloc
|
sudo dnf install -y hardened_malloc
|
||||||
echo 'libhardened_malloc.so' | sudo tee /etc/ld.so.preload
|
echo 'libhardened_malloc.so' | sudo tee /etc/ld.so.preload
|
||||||
sudo chmod 644 /etc/ld.so.preload
|
sudo chmod 644 /etc/ld.so.preload
|
||||||
|
|
||||||
|
# Prepare for SELinux
|
||||||
|
sudo touch /.autorelabel
|
||||||
|
sudo sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/sysconfig/selinux
|
Loading…
Reference in New Issue
Block a user