From Fedora Project Wiki

Revision as of 16:27, 16 December 2016 by Lvrabec (talk | contribs)

This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page.

Motivation

Having proper guidelines how to ship own SELinux module in a product RPM package and how to remove it from distribution SELinux Policy.


Benefits

  • Fedora Distribution policy reflects the latest features of those products so that users have a positive experience while being secured.
  • More SELinux features and adoptions in future.
  • More portable distribution policy for various platforms
  • Proper guidelines for product package maintainers. This includes: Fedora Package guidelines.
  • Cockpit, Docker, OpenStack teams ship own policies and these policies are not part of our distribution policy.

Resources

SELinux in general

Why is SELinux useful

Writing own Policy module

Shipping own SELinux module