Insight: Replicate SELinux Policies In Linux Machines [CentOS]
This process works on CentOS 6 and up. Make sure that the target machine is running the same version of CentOS as the source machine, or a higher version, because SELinux modules are not backward compatible.
To replicate or copy SELinux policies between Linux systems, you need the ‘semanage’ command/tool installed on your system. To check whether ‘semanage’ is installed on your CentOS machine, run the following command.
$ semanage --help
If you get a "command not found" error, the tool/command is not installed on your system.
To get the ‘semanage’ command on your machine, run the following command to install the package that provides it.
$ sudo yum install policycoreutils-python
The above command will also install the ‘semanage’ command and other dependencies.
How To Replicate SELinux Policies
First, create a file with all the SELinux settings. Open your terminal and run the following command to create the file.
$ sudo semanage -o /root/localpolicy.selinux
After creating the file, transfer it to the second system, the one on which you want to replicate the SELinux policies of the first system.
$ scp -rv /root/localpolicy.selinux root@ipaddressofsecondmachin:/root
Now you need to restore the file on the second system. Log in to it first.
$ ssh root@ipaddressofsecondmachin
Now restore the file using the following command.
# semanage -i /root/localpolicy.selinux
The SELinux policies of the first machine are now restored on the second machine.
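An exported file begins with `<type> -D` lines, which delete the target's own local customizations of that type when the file is imported, so it is worth previewing the import on the second machine first. The script below is an added example, not part of the original post; the function names and the sample records are constructed for illustration and assume the one-record-per-line layout of a semanage export.

```shell
#!/bin/sh
# Added example (not from the original post). On the target, save its current
# state with "semanage -o /root/current.selinux", then compare before importing.

# Records of an export file without the "<type> -D" reset lines, sorted.
records() {
    grep -Ev '^[a-z_]+ -D$|^[[:space:]]*$' "$1" | LC_ALL=C sort -u
}

# preview_import INCOMING CURRENT
#   "+ rec"  only in INCOMING: the import will add it
#   "- rec"  only in CURRENT and its type is reset by a -D line in INCOMING:
#            the import will remove it
preview_import() {
    work=$(mktemp -d) || return 1
    records "$1" > "$work/in"
    records "$2" > "$work/cur"
    LC_ALL=C comm -23 "$work/in" "$work/cur" | sed 's/^/+ /'
    LC_ALL=C comm -13 "$work/in" "$work/cur" | while IFS= read -r rec; do
        if grep -qx -e "${rec%% *} -D" "$1"; then
            printf '%s\n' "- $rec"
        fi
    done
    rm -rf "$work"
}

# Constructed sample data standing in for the two machines' export files.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/localpolicy.selinux" <<'EOF'
boolean -D
port -D
fcontext -D
boolean -m -1 httpd_can_network_connect
port -a -t http_port_t -p tcp 8081
fcontext -a -f a -t httpd_sys_content_t '/srv/www(/.*)?'
EOF
    cat > "$d/current.selinux" <<'EOF'
boolean -D
port -D
boolean -m -1 httpd_can_network_connect
port -a -t ssh_port_t -p tcp 2222
EOF
    preview_import "$d/localpolicy.selinux" "$d/current.selinux"
    rm -rf "$d"
}

demo
```

In the sample, the `- port ... 2222` line is a rule that exists only on the second machine and would disappear after the import; if it is still needed, add it on the first machine and export again.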
Let us know if there is an error or something missing in this post.