- The kernel doing the permissions check (called object manager)
- The policy telling the kernel what is allowed or not
- Some userspace tools and libraries to load and manipulate the policy and the state of SELinux
The kernel and the userspace tools are almost the same across all distributions (Well Fedora/RHEL are carrying some patches).
But for the policy it's a different story. RHEL/Fedora have a gigantic patch applied to the refpolicy (reference policy developed by the SELinux upstream).
The policy allowing docker to work has not been upstreamed so it's not that easy for other distributions to use it
- The kernel doing the permissions check (called object manager) - The policy telling the kernel what is allowed or not - Some userspace tools and libraries to load and manipulate the policy and the state of SELinux
The kernel and the userspace tools are almost the same across all distributions (Well Fedora/RHEL are carrying some patches).
But for the policy it's a different story. RHEL/Fedora have a gigantic patch applied to the refpolicy (reference policy developed by the SELinux upstream).
The policy allowing docker to work has not been upstreamed so it's not that easy for other distributions to use it