PepOSServer/pephooks/normal/0660-selinux_hook.chroot

#!/bin/bash

# SPDX-License-Identifier: GPL-3.0-or-later
#
# SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me

# Install required SELinux packages
  apt -y install selinux-basics selinux-policy-default auditd

# Initialize SELinux
  selinux-activate

# Restart auditd service
  systemctl restart auditd

# Enable SELinux policy activation on boot
  systemctl enable selinux-policy-activate

# Disable AppArmor
  systemctl disable apparmor
  systemctl stop apparmor
  apt -y purge apparmor

# Additional configuration (optional)
# Here you can add commands to adjust policies or configure additional rules

# Set SELinux to enforcing mode
  /usr/sbin/setenforce 1

# Configure file contexts (example)
  /sbin/restorecon -Rv /etc/

# Allow HTTPD scripts and modules to connect to the network (example)
  /usr/sbin/setsebool -P httpd_can_network_connect 1

exit 0