Post 302790853 by Linusolaradm1 on Sunday 7th of April 2013 03:38:01 AM
A little help with seLinux

Situation: I installed this samba4 package on CentOS 6.4:
samba4-4.0.1-4.centos6.1.x86_64 (which had the path /usr/share/samba4, /var/lock/samba4, etc.)
I use SELinux, so I put in the contexts
Code:
/var/lock/samba4    -d    system_u:object_r:samba_var_t:s0
/var/lock/samba4/.*    --    system_u:object_r:samba_var_t:s0
/var/log/samba4 -d system_u:object_r:samba_log_t:s0
/var/log/samba4/.* -- system_u:object_r:samba_log_t:s0
/var/lock/samba4/smb_krb5 -d system_u:object_r:samba_var_t:s0
/var/run/samba4/brlock\.tdb    --    system_u:object_r:smbd_var_run_t:s0
/var/run/samba4/locking\.tdb    --    system_u:object_r:smbd_var_run_t:s0

and then
Code:
setfiles targeted/contexts/files/file_contexts  /var/lock/samba4

but when I try to start the service, it fails
Code:
[2013/04/06 23:52:27,  7, pid=12982, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:5134(lp_servicenumber)
  lp_servicenumber: couldn't find homes
[2013/04/06 23:52:27,  4, pid=12982, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:176(get_current_groups)
  get_current_groups: user is in 3 groups: 0, 10512, 10572
[2013/04/06 23:52:27,  2, pid=12982, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log)
  tdb(/var/lock/samba4/messages.tdb): tdb_open_ex: could not open file /var/lock/samba4/messages.tdb: Permission denied
[2013/04/06 23:52:27,  2, pid=12982, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:132(messaging_tdb_init)
  ERROR: Failed to initialise messages database: Permission denied
[2013/04/06 23:52:27,  2, pid=12982, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:203(messaging_init)
  messaging_tdb_init failed: NT_STATUS_ACCESS_DENIED

The SELinux log said
Code:
type=SYSCALL msg=audit(1365320244.679:1168): arch=c000003e syscall=83 success=no exit=-13 a0=1110990 a1=1ed a2=ffffffff a3=7fff7307ff80 items=0 ppid=3600 pid=3601 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=107 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)
type=AVC msg=audit(1365320244.680:1169): avc:  denied  { search } for  pid=3601 comm="smbd" name="lock" dev=dm-0 ino=261901 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=system_u:object_r:var_lock_t:s0 tclass=dir
type=SYSCALL msg=audit(1365320244.680:1169): arch=c000003e syscall=2 success=no exit=-13 a0=110fd40 a1=42 a2=180 a3=7fff7307fe00 items=0 ppid=3600 pid=3601 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=107 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)

Can someone help?
Thanks
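
The audit records quoted in the post, parsed into structured denials and joined to their SYSCALL record by audit serial number. This is an added example, not part of the original post; the function names and the two-entry syscall table are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Audit records copied verbatim from the post above.
AUDIT_LOG = """\
type=SYSCALL msg=audit(1365320244.679:1168): arch=c000003e syscall=83 success=no exit=-13 a0=1110990 a1=1ed a2=ffffffff a3=7fff7307ff80 items=0 ppid=3600 pid=3601 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=107 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)
type=AVC msg=audit(1365320244.680:1169): avc:  denied  { search } for  pid=3601 comm="smbd" name="lock" dev=dm-0 ino=261901 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=system_u:object_r:var_lock_t:s0 tclass=dir
type=SYSCALL msg=audit(1365320244.680:1169): arch=c000003e syscall=2 success=no exit=-13 a0=110fd40 a1=42 a2=180 a3=7fff7307fe00 items=0 ppid=3600 pid=3601 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=107 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)
"""

HEADER = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+):(\d+)\): (.*)')
DENIED = re.compile(r'avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
# x86_64 syscall numbers for the two calls that appear in this log (assumed table).
SYSCALLS = {"2": "open", "83": "mkdir"}

def fields(text):
    """Split 'key=value key="value"' audit text into a dict, dropping quotes."""
    return {k: v.strip('"') for k, v in FIELD.findall(text)}

def selinux_type(context):
    # A context is user:role:type[:level]; the type is what policy rules match on.
    return context.split(":")[2]

def denials(log):
    """Return one dict per AVC denial, joined to its SYSCALL record by serial."""
    events = defaultdict(dict)
    for line in log.splitlines():
        m = HEADER.match(line)
        if m:
            rtype, _timestamp, serial, body = m.groups()
            events[serial][rtype] = body
    out = []
    for serial, recs in events.items():
        d = DENIED.search(recs.get("AVC", ""))
        if not d:
            continue  # SYSCALL record without an AVC in the captured log
        avc, sc = fields(d.group(2)), fields(recs.get("SYSCALL", ""))
        out.append({
            "serial": serial, "perms": d.group(1).split(),
            "source": selinux_type(avc["scontext"]),
            "target": selinux_type(avc["tcontext"]),
            "tclass": avc["tclass"], "name": avc.get("name"),
            "syscall": SYSCALLS.get(sc.get("syscall"), sc.get("syscall")),
            "exe": sc.get("exe"),
        })
    return out
```

Calling `denials(AUDIT_LOG)` yields a single event: `smbd_t` was denied `search` on a directory named `lock` labelled `var_lock_t`, during an `open` call by `/usr/sbin/smbd`.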
 

selabel_media(5)          SELinux API documentation          selabel_media(5)

NAME
       selabel_media - userspace SELinux labeling interface and configuration file format for the media contexts backend.

SYNOPSIS
       #include <selinux/label.h>

       int selabel_lookup(struct selabel_handle *hnd,
                          security_context_t *context,
                          const char *device_name, int unused);

       int selabel_lookup_raw(struct selabel_handle *hnd,
                              security_context_t *context,
                              const char *device_name, int unused);

DESCRIPTION
       The media contexts backend maps from media device names such as "cdrom" or "floppy" into security contexts. It is used to find the appropriate context for establishing context mounts on these devices. The returned context must be freed using freecon(3).

       selabel_lookup(3) describes the function with its return and error codes.

       The integer lookup argument is currently unused and should be set to zero.

       Any messages generated by selabel_lookup are sent to stderr by default, although this can be changed by selinux_set_callback(3).

       selabel_lookup_raw behaves identically to selabel_lookup but does not perform context translation.

       The FILES section details the configuration files used to determine the media context.

OPTIONS
       In addition to the global options described in selabel_open(3), this backend recognizes the following options:

       SELABEL_OPT_PATH
              A non-null value for this option specifies a path to a file that will be opened in lieu of the standard media contexts file.

FILES
       The media context file used to retrieve a default context depends on the SELABEL_OPT_PATH parameter passed to selabel_open(3). If NULL, then the SELABEL_OPT_PATH value will default to the active policy media contexts location (as returned by selinux_media_context_path(3)), otherwise the actual SELABEL_OPT_PATH value specified is used.

       The default media contexts file is:
              /etc/selinux/{SELINUXTYPE}/contexts/files/media

       Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).

       Should there not be a valid entry in the media file, then the default removable_context file will be read (see removable_context(5)).

FILE FORMAT
       Each line within the media file is as follows:
              device_name context

       Where:
              device_name
                     The media identifier (e.g. cdrom, floppy, disk and usb).
              context
                     The context to be used for labeling the device.

       Example:
              # contexts/files/media
              cdrom system_u:object_r:removable_device_t
              floppy system_u:object_r:removable_device_t
              disk system_u:object_r:fixed_disk_device_t

NOTES
       If contexts are to be validated, then the global option SELABEL_OPT_VALIDATE must be set before calling selabel_open(3). If this is not set, then it is possible for an invalid context to be returned.

SEE ALSO
       selinux(8), selabel_open(3), selabel_lookup(3), selabel_stats(3), selabel_close(3), selinux_set_callback(3), selinux_media_context_path(3), freecon(3), selinux_config(5), removable_context(5)

Security Enhanced Linux          29 Nov 2011          selabel_media(5)