Russel Coker has posted a SELinux on Debian etch in 5 Minutes guide.

Some small things to note:

  • This is for etch, which has Linux 2.6.18 - there are SELinux changes in 2.6.19 which require policy version 21, whereas 2.6.18 has policy version 20. Changing it in /etc/selinux/semanage.conf may or may not be enough.
  • rjc posted this Policy fix you’ll likely need for running enforcing
  • strict, while being more secure, will likely require you to write some policy modules on your own
  • policy is a snapshot from october, you might want to get an updated policy. However I currently don’t have time to work on it, and I just heard that etch was frozen. But maybe Manoj has still time to update the policy and get it into etch…