Talk: Workgroup:SELinux

From NixOS Wiki
Jump to: navigation, search

NOTE: SELinux kernel configuration appears to have deprecated two variables starting with Linux kernel 6.5 or 6.6, `SECURITY_SELINUX_DISABLE` and `SECURITY_SELINUX_CHECKREQPROT_VALUE`.

Instead of this: 

       extraConfig = 
               SECURITY_SELINUX y
               SECURITY_SELINUX_BOOTPARAM n
               SECURITY_SELINUX_DISABLE n
               SECURITY_SELINUX_DEVELOP y
               SECURITY_SELINUX_AVC_STATS y
               SECURITY_SELINUX_CHECKREQPROT_VALUE 0
               DEFAULT_SECURITY_SELINUX n
             ;

Try this: 

       extraConfig = 
               SECURITY_SELINUX y
               SECURITY_SELINUX_BOOTPARAM n
               SECURITY_SELINUX_DEVELOP y
               SECURITY_SELINUX_AVC_STATS y
               DEFAULT_SECURITY_SELINUX n
             ;

Anyone with more information, feel free to chime in on the discussion.

Retrieved from "https://nixos.wiki/index.php?title=Talk:Workgroup:SELinux&oldid=13439"