Configuring Multi-Category Security for data confidentialityħ.4. Using Multi-Category Security (MCS) for data confidentiality"ħ.2. Using Multi-Category Security (MCS) for data confidentiality"Ĭollapse section "7. Using Multi-Category Security (MCS) for data confidentialityĮxpand section "7. Allowing MLS users to edit files on lower levelsħ. Separating system administration from security administration in MLSĦ.10. Increasing file sensitivity levels in MLSĦ.8. Changing a user’s clearance level within the defined security range in MLSĦ.6. Using Multi-Level Security (MLS)"Ĭollapse section "6. Troubleshooting problems related to SELinux"Įxpand section "6. Troubleshooting problems related to SELinux"Ĭollapse section "5. Troubleshooting problems related to SELinuxĮxpand section "5. Adjusting the policy for sharing NFS and CIFS volumes using SELinux booleansĥ. Customizing the SELinux policy for the Apache HTTP server in a non-standard configurationĤ.2. Configuring SELinux for applications and services with non-standard configurations"Ĥ.1. Configuring SELinux for applications and services with non-standard configurations"Ĭollapse section "4. Configuring SELinux for applications and services with non-standard configurationsĮxpand section "4. Confining an administrator using sudo and the sysadm_r roleĤ. Confining an administrator by mapping to sysadm_uģ.7. Adding a new user as an SELinux-confined userģ.6. Adding a new user automatically mapped to the SELinux unconfined_u userģ.4. Managing confined and unconfined users"ģ.3. Managing confined and unconfined users"Ĭollapse section "3. Managing confined and unconfined usersĮxpand section "3. Enabling SELinux on systems that previously had it disabledģ. Permanent changes in SELinux states and modesĢ.4. Changing SELinux states and modes"Ĭollapse section "2. Getting started with SELinux"Įxpand section "2. Getting started with SELinux"Ĭollapse section "1. On my Gentoo, the following packages need to be installed: sys-apps/policycoreutilsĪvailable versions: 2.0.82 (~)2.0.82-r1 (~)2.0.85 (~)2.1.Providing feedback on Red Hat documentationĮxpand section "1.
mod file and then use dismod to disassemble the binary module to textual representation. To unpack this policy module, you need a tool which is called semodule_unpackage to extract the.
# semodule_package -m postgreylocal.mod -o postgreylocal.pp Postgreylocal.pp policy module will be created with: # checkmodule -M -m -o postgreylocal.mod postgreylocal.te #= postfix_smtpd_t =Īllow postfix_smtpd_t initrc_t:unix_stream_socket connectto Īllow postfix_smtpd_t postfix_spool_t:sock_file write generate a set of policy rules: audit2allowĪssuming that I have a postgreylocal.te file with belows content: module postgreylocal 1.0.A SELinux policy module is built by following steps:
0 kommentar(er)
