How to check if the default SELinux policy was modified with installation of any package?

By default Fedora comes with SELinux enabled in Enforcing mode.

How do I check if the default policy(that comes pre-installed) was modified with any of the package installation? I might have allowed applications to modify SELinux policies. I want to make sure the default policies are not tampered.

Any help?

In the end you could do new install of the selinux-policy. Look into dnf help for the right way to refresh the package.

Thank you, @jpbn. I did a reinstall of selinux-policy, selinux-policy-minimum and selinux-policy-targeted.

$ sudo dnf reinstall selinux-policy selinux-policy-minimum selinux-policy-targeted
$ rpm -qa | grep -i selinux-policy

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.