安装软件
aptitude install selinux-basics selinux-policy-default auditd -y
重新生成内核initrd文件
update-initramfs -u
update-initramfs: Generating /boot/initrd.img-5.10.0-10-amd64
重新配置GRUB (启动参数会自动加上 security=selinux)
selinux-activate
Activating SE Linux
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.10.0-10-amd64
Found initrd image: /boot/initrd.img-5.10.0-10-amd64
done
SE Linux is activated. You may need to reboot now.
检查selinux配置情况(暂时未配置成功)
check-selinux-installation
getfilecon: getfilecon(/proc/1) failed
SELinux is not enabled.
Could not read the domain of PID 1.
The directories /sys/fs/selinux and /selinux are missing.
重启,第一次重启,selinux会给文件打上标签,过程会有几分钟之后,系统会自动重启
再次检查selinux配置情况(无输出极为正确)
check-selinux-installation