Gentoo Linux Handbook Page --

1.a. Gentoo SELinux Installation

Warning: SELinux is only supported on servers. Workstation support will happen in the future.

The installation of Gentoo SELinux is the same as regular Gentoo. The regular install should be followed from the Gentoo Handbook, keeping in mind the following notes. Then the system should converted to SELinux using the (SELinux Conversion Guide).

1.b. Installation Notes

Filesystems

Only ext2, ext3, JFS and XFS are supported at this time.

XFS users should use 512 byte inodes (the default is 256). SELinux uses extended attributes for storing security labels in files. XFS stores this in the inode, and if the inode is too small, an extra block has to be used, which wastes a lot of space, and incurs performace penalties.

Code Listing 1: Example XFS filesystem creation command

# mkfs.xfs -i size=512 /dev/hda3

Kernel

Warning: Kernels 2.6.14 and 2.6.15 have broken SELinux XFS support.

You can save time by looking ahead to the (kernel options) required for SELinux, to save compiling the kernel multiple times.