bubbles/iso_configs/hooks/normal/debsrv_64/0660-selinux_hook.chroot

39 lines
891 B
Bash
Executable File

#!/bin/bash
# SPDX-License-Identifier: GPL-3.0-or-later
#
# SPDX-FileCopyrightText: 2023 PeppemrintOS Team (peppermintosteam@proton.me
# Install required SELinux packages
apt -y install selinux-basics selinux-policy-default auditd
# Initialize SELinux
selinux-activate
# Restart auditd service
systemctl restart auditd
# Enable SELinux policy activation on boot
systemctl enable selinux-policy-activate
# Disable AppArmor
systemctl disable apparmor
systemctl stop apparmor
apt -y purge apparmor
# Additional configuration (optional)
# Here you can add commands to adjust policies or configure additional rules
# Set SELinux to enforcing mode
/usr/sbin/setenforce 1
# Configure file contexts (example)
/sbin/restorecon -Rv /etc/
# Allow HTTPD scripts and modules to connect to the network (example)
/usr/sbin/setsebool -P httpd_can_network_connect 1
exit 0