---

所用软件:

1.setools -->seaudit  读取日志以确定所需权限

2.Reference Policy  -->  https://github.com/TresysTechnology/refpolicy/wiki/DownloadRelease

3. Security Enhanced Linux (SELinux) userland libraries and tools --> https://codeload.github.com/SELinuxProject/selinux/zip/master

　　注意编译策略时的依赖包版本,顺序以及版本问题

　　单独依赖包 --> https://github.com/SELinuxProject/selinux/wiki/Releases

---

NSA的Example Policy与Reference policy

---

audit2allow工具

grep smtpd_t /var/log/audit/audit.log | audit2allow -M postgreylocal

http://wiki.centos.org/zh/HowTos/SELinux#head-06b7e3fd1ccf2a1c4e99e4ffd6c549b40afd39df

---