为ubuntu16.04安装selinux

桌面版:

执行apt-get install selinux

报错: dpkg: error processing package selinux (--configure)

这是因为ubuntu16.04桌面版默认安装apparmor, 它是另一个权限管理模块,与selinux冲突.

于是执行apt-get remove apparmor将其卸载即可.

arm版:

执行apt-get install selinux

报错: 

selinux : PreDepends: grub-pc but it is not installable
               Recommends: selinux-policy-ubuntu but it is not going to be installed or
               selinux-policy
E: Unable to correct problems, you have held broken packages.

这是缺少pc版依赖,显然arm版ubuntu无法安装,那么放弃这种安装方法.

发现arm版ubuntu16.04的内核缺少selinux模块.

1.进入kernel的Security options里,

build-in相关模块NSA SELinux Support

选择Default security module (SELinux)的选项为selinux

重新编译内核并替换.

2.安装selinux应用工具

执行apt-get install selinux-basics

apt-get install selinux-utils

3.尝试执行getenforce,setenforce成功.