Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains checkpolicy, the SELinux policy compiler.
Only required for building policies. It uses libsepol to generate
the binary policy. checkpolicy uses the static libsepol since it
deals with low level details of the policy that have not been
encapsulated/abstracted by a proper shared library interface.