Add SELinux support #2
Description
SELinux was originally compiled into the kernel, however there are a few pieces of work that need to be completed in order to allow it to work as intended:
- Add one or more selinux policies
- Add selinux understanding to init to load the policies and appropriately label processes
- Add labels to everything in the initrd
- Possibly have init able to relabel the data partition?
- Enable SELinux in cri-o's default configuration
As this is a lot of work, it is acceptable to compile selinux out for the moment and readd at a later date when ready.