一、应用层工具的安装
1、首先用DVD1安装完Debian系统
2、在安装完后,确保系统能够联网
在【系统管理】-->【软件源】中, 选择【Debian software】选项: 中国的服务器, 把钩全打上;
在【系统管理】-->【软件源】中, 选择【update】选项:将【安全更新】和【最近更新】选上。
点 【关闭】按钮,此时系统开始检查更新。
3、安装更新,然后用apt-cache search selinux 命令,列出需要安装的软件列表
4、安装所有需要的软件。
二、内核配置选项
1、在【security options】选项中, 设置NSA selinux boot parameter default value = 1
即CONFIG_SECURITY_SELINUX_BOOTPARM_VALUE=1
2、编译内核完成,重启动计算机即可。
3、如果成功,在启动时,可以看到Selinux relabeling the system**************.
附selinux软件列表:
root@debian:~# apt-cache search selinux
libselinux1 - SELinux runtime shared libraries
libsepol1 - SELinux library for manipulating binary security policies
libsemanage-common - Common files for SELinux policy management libraries.
libsemanage1 - SELinux policy management library.
python-selinux - Python bindings to SELinux shared libraries
python-semanage - Python bindings for SELinux policy management
python-sepolgen - A Python module used in SELinux policy generation
policycoreutils - SELinux core policy utilities
libsepol1-dev - SELinux binary policy maniulation library and development files
libselinux1-dev - SELinux development headers
linux-patch-tomoyo1.7 - Lightweight and easy-use Mandatory Access Control for Linux
tomoyo-ccstools1.7 - Lightweight and easy-use Mandatory Access Control for Linux
checkpolicy - SELinux policy compiler
libselinux-ruby1.8 - Ruby bindings to SELinux shared libraries
selinux-utils - SELinux utility programs
libsemanage-ruby1.8 - Ruby bindings to for SELinux policymanagement
libsemanage1-dev - Header files and libraries for SELinux policy manipulation
selinux-policy-dev - Headers from the SELinux reference policy for building modules
selinux-policy-doc - Documentation for the SELinux reference policy
selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy
selinux-policy-src - Source of the SELinux reference policy for customization
selinux-basics - SELinux basic support
libseaudit-dev - Security Enhanced Linux audit message parser development
libseaudit4 - Security Enhanced Linux audit message parsing library
libsefs-dev - Security Enhanced Linux file context management development
libsefs4 - Security Enhanced Linux file context management
libsetools-java - SETools Java bindings (architecture-independent)
libsetools-tcl - SETools Tcl bindings
python-setools - SETools Python bindings
setools - tools for Security Enhanced Linux policy analysis
tomoyo-tools - Lightweight and easy-use Mandatory Access Control for Linux
selinux-policy-default -