mirror of
https://github.com/tommytran732/QubesOS-Scripts
synced 2024-11-24 02:21:35 -05:00
Simplify SELinux instructions
This commit is contained in:
parent
7b8f77e399
commit
e7ef3a8194
@ -1,10 +1,8 @@
|
|||||||
# Enable SELinux
|
# Enable SELinux
|
||||||
|
|
||||||
To enable SELinux, do the following after you have run fedora-minimal.sh:
|
To enable SELinux, do the following after you have run fedora-minimal.sh:
|
||||||
- Shutdown the VM
|
- Shutdown the VM.
|
||||||
- Run `qvm-features fedora-40-minimal selinux 1`.
|
- Run `qvm-features fedora-40-minimal selinux 1`.
|
||||||
- Start the minimal vm. Wait for it to shut itself down.
|
- Start the minimal VM.
|
||||||
- Run `qvm-features fedora-40-minimal selinux 0`.
|
- Edit /etc/sysconfig/selinux and change SELINUX mode to enforcing.
|
||||||
- Turn the VM on, remove `/.autorelabel`.
|
- Restart the VM.
|
||||||
- Turn the VM off.
|
|
||||||
- Run `qvm-features fedora-40-minimal selinux 1`.
|
|
@ -66,5 +66,4 @@ echo 'libhardened_malloc.so' | sudo tee /etc/ld.so.preload
|
|||||||
sudo chmod 644 /etc/ld.so.preload
|
sudo chmod 644 /etc/ld.so.preload
|
||||||
|
|
||||||
# Prepare for SELinux
|
# Prepare for SELinux
|
||||||
sudo touch /.autorelabel
|
sudo touch /.autorelabel
|
||||||
sudo sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/sysconfig/selinux
|
|
Loading…
Reference in New Issue
Block a user