I have been trying to switch from AppArmor to SELinux on Tumbleweed. I have tried to follow https://en.opensuse.org/Portal:SELinux/Setup but, as far as I can tell, it does not apply to a system based on GRUB2_LSB. (I don’t have systemd-boot) Consequently, I don’t have a /etc/default/grub file. I have already made the changes in cmdline, but these are not being loaded into the kernel at boot. The GRUB menu still shows security=apparmor despite the changes made. How does one actually go about switching to SELinux in a case like mine? Is there any existing documentation on this?
Kernel command line parameters can simply be added and removed via update-bootloader
Adding a parameter:
sudo update-bootloader --add-option youroptionxyz
sudo update-bootloder --config
E.g.:
sudo update-bootloader --add-option security=selinux
sudo update-bootloder --config
Deleting a parameter:
sudo update-bootloader --del-option youroptionxyz
sudo update-bootloder --config
E.g.:
sudo update-bootloader --del-option security=apparmor
sudo update-bootloder --config
2 Likes
@pln:
I suspect that, you mean “GRUB2-BLS” → <GRUB2-BLS in openSUSE Tumbleweed is now the default>
It worked. I’ve now got SELinux up and running. It was easier than I first thought. Many thanks for your help. I really appreciate it.
Yes, of course. You’re right. I mixed up the letters and wrote it wrong.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.