Thomas' SELinux-Pages

Please note:: This page is horribly outdated. It is just here for historical reasons.
-- Thomas

What is SELinux?

SELinux is a MAC implementation for Linux that is flexible, powerful and secure. If you've never used a MAC-system you'll probably need some time getting used to SELinux, but I can assure you that after a while it will seem very natural to think in terms of SELinux-permissions.

The best place to start learning SELinux is probably the HOWTO written by Faye Coker.

SELinux-Policy and arch

Configuring SELinux is done by adapting the policy to your system. Updating this policy can be a painful thing, because you almost certainly have local changes which you want to preserve. Configuring policy also involves moving many files around.

To make updating and maintaining policy easier, I have made an arch-repository available which contains the latest policy from the sourceforge CVS. The archive is named (You can browse it here) and is available at This archive is GPG-signed using my public key.

Available branches:
policy--fedora--0Fedora policy
policy--suse--0my SuSE policy, resynced once in a while to my internal tree and fedora policy
policy--devo--0my devo branch, currently inactive
policy--snapshot--0cvs snapshot, updated most often

I have written down a few notes for those new to Arch: Using Arch for SELinux-Policy management


I have built SELinux packages for SuSE 10.0. Check them out

Other things related to SELinux

Feel free to contact me