I am compiling a new kernel, and want to enable SELinux but don't see it in menuconfig anywhere. The only framework under security options is Tomoyo.....so I ask, what happened to SELinux? Both 2.6.33.2 and 2.6.35.11 do not seem to have it present....
2
-
1*** Humour *** The "great penguin" needs an occasional vacation too! ;D– Randolf RichardsonCommented Mar 6, 2011 at 17:41
-
answer is that it needs auditing enabled first in generals setup.– Jace HallCommented Mar 7, 2011 at 0:51
Add a comment
|
1 Answer
[Copying Jace's comment into a full answer]
Auditing must first be enabled from general setup. From Linux Kernel in a Nutshell:
SELinux requires that the networking option be enabled. See the section called “Networking” to enable this.
SELinux also requires that audit be enabled in the kernel configuration. To do this:
General setup
[*] Auditing support
Also, the networking security option must be enabled:
Security options
[*] Enable different security models
[*] Socket and Networking Security Hooks
Now it is possible to select the SELinux option:
Security options
[*] Enable different security models
[*] NSA SELinux Support
There are also a number of individual SELinux options that you might wish to enable. Please see the help for the individual different items for more descriptions on what they do in.
Security options
[*] Enable different security models
[*] NSA SELinux Support
[ ] NSA SELinux boot parameter
[ ] NSA SELinux runtime disable
[*] NSA SELinux Development Support
[*] NSA SELinux AVC Statistics
(1) NSA SELinux checkreqprot default value
