所用软件:
1.setools -->seaudit 读取日志以确定所需权限
2.Reference Policy --> https://github.com/TresysTechnology/refpolicy/wiki/DownloadRelease
3. Security Enhanced Linux (SELinux) userland libraries and tools --> https://codeload.github.com/SELinuxProject/selinux/zip/master
注意编译策略时的依赖包版本,顺序以及版本问题
单独依赖包 --> https://github.com/SELinuxProject/selinux/wiki/Releases
NSA的Example Policy与Reference policy
audit2allow工具
grep smtpd_t /var/log/audit/audit.log | audit2allow -M postgreylocal
http://wiki.centos.org/zh/HowTos/SELinux#head-06b7e3fd1ccf2a1c4e99e4ffd6c549b40afd39df