Hi Thank you Emre Can Kucukoglu, I am just at understanding level. need your support further. Regards Rajkumar On Thursday 14 May 2015 01:14 PM, Emre Can Kucukoglu wrote: > Hi Rajkumar, > > Basically, you need 3 major steps. > > 1. Enable security framework and SELinux configurations from linux kernel. > like: CONFIG_SECURITY_SELINUX, DEFAULT_SECURITY_SELINUX, > SECURITY_SELINUX_AVC_STATS, CONFIG_SECURITY_SELINUX_BOOTPARAM, > SECURITY_SELINUX_DEVELOP, CONFIG_SECURITY_SELINUX_DISABLE > 2. Then download and compile SELinux: > https://github.com/SELinuxProject/selinux. Add cross-compiled files to > your rootfs. > 3. Download and configure SELinux reference policy project, however > keep in mind, you have lots of redundant policy modules in reference > policy, you should keep them out. Load policies, enable your SELinux. > (see setenforce, /etc/selinux/config, boot args, kernel configuration). > 4. Later, you 'can' download and compile setools3 (vs3 is stable one i > guess) to ease your policy management. > > I think SELinux notebook is a good resource to learn how to use > SELinux, not how to port it. > You can look my presentation about SELinux overview, however keep in > mind that it is not reviewed yet. > https://docs.google.com/presentation/d/1Qtl_vaxvcAPse47d2sCWH6IAhn9XYFKkHEsOddobHpw/edit?usp=sharing > > In which step do you think you are? > > 2015-05-14 9:40 GMT+03:00 rajkumar >: > > Hi I am Rajkumar new to SELinux. > > > My Requirement is to start SELinux porting on Embedded device > consists of ARM processor. > Using linux kernel version is 3.0.35. > I started reading The SELinux notebook 4th edition. > Made some changes in .config like enabling SELinux in kernel. > And what are the changes need to be done rootfs apart from DAC > and in kernel. > > > Please provide guidelines. > > -- > Regards > Rajkumar.m > +91 8501021114 > > _______________________________________________ > Selinux mailing list > Selinux@tycho.nsa.gov > To unsubscribe, send email to Selinux-leave@tycho.nsa.gov > . > To get help, send an email containing "help" to > Selinux-request@tycho.nsa.gov . > > > > > -- > Emre Can Kucukoglu -- Regards Rajkumar.m