10-11-2014
Apply SeLinux policy to *nix device files
If its possible to apply SELinux policies to unix device files, would that be a problem?
I would like to apply a policy to a process and enforce what it can communicate with device-wise (eg. physical network interface port) based on that policy.
Would think that the "selinux-policy-mls" tool could give me that level of segmentation with SELinux?
Thoughts/suggestions?
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
:)Transformation logic on column values in two different files,
File A
12345,000,4444, HKD3.5
12346,000,5555, HKD3.5
File B
12345,4444,54321,6666
12346,5555, 64321,7777
12347,5555, 65321,8888
Requirement as below
1.read file A
2. match with File B ie
if (fileA.column1... (1 Reply)
Discussion started by: HAA
1 Replies
2. UNIX for Dummies Questions & Answers
Hi,
Does anyone know if it is possible to override the GID which files have when they are created in a specific folder?
I want the given GID for the folder to apply to the new files created in the folder, no matter what group the owner of the files have...
I have tried sticky bits but doesn't... (1 Reply)
Discussion started by: linge
1 Replies
3. Linux
Hello all!
I am trying to enable SELinux on bootup for my supported kernel
2.6.26.8.tex1
I am running PCLinuxOS 2009 Beta 2 which is based on Mandriva/Mandrake
From my reading, I know that I am able to set SELinux to boot (preferably in passive mode) however this would still 'change' my... (2 Replies)
Discussion started by: septima.pars
2 Replies
4. Shell Programming and Scripting
Hi all,
Can you please help me in this aspect. I devoloped a FTP script to copy a directory to remote server. Now i got stuck-up in changing the file permissions for all the files in directory. I tried to change the permissions of single file and I did it but failed in changing... (3 Replies)
Discussion started by: Chanakya.m
3 Replies
5. Shell Programming and Scripting
I have say 100 text files (with .txt extension) in a directory.
An example of the content in the file is given below
"NAME"
"cgd1_200"
"cgd1_3210"
"cgd1_560"
"cgd2_2760"
"cgd2_290"
"cgd3_3210"
"cgd3_3310"
"cgd3_660"
"cgd5_2130"
"cgd5_4080"
"cgd6_3690"
"cgd6_4480"
"cgd8_1540"... (2 Replies)
Discussion started by: Lucky Ali
2 Replies
6. Shell Programming and Scripting
Hi All,
I am using the awk command to replace ',' by '\t' (tabs) in a csv file. I would like to apply this to all .csv files in a directory and create .txt files with the tabs.
How would I do this in a script?
I have the following script called "csvtabs":
awk 'BEGIN {
FS... (4 Replies)
Discussion started by: ScKaSx
4 Replies
7. Shell Programming and Scripting
I need to apply mp3gain (album mode) to all mp3 files in a given directory. Each album is in its own directory under /media/data/music/albums for example:
/media/data/music/albums/foo
/media/data/music/albums/bar
/media/data/music/albums/more
What needs to happen is:
cd... (4 Replies)
Discussion started by: audiophile
4 Replies
8. Shell Programming and Scripting
Hey gyuz,
I wanna calculate the number of mapped reads of a bam file in a region of interest. I used this code to do so :
samtools view input.bam chrname:region1 > region1.txt
This will store all the reads from given bam file within the region of interest in region1.txt
Now I have... (5 Replies)
Discussion started by: @man
5 Replies
9. Shell Programming and Scripting
Hi all:
i need to run a rather simple command-line argument:
head -200 input > output
However, I need to do it on several files, all in the same directory.
Is this possible? (2 Replies)
Discussion started by: owwow14
2 Replies
10. Shell Programming and Scripting
Hi all!
I have this command
grep -E '^\To: |^\Date: |^\Subject: ' fileA.txt > fileA_1.txt && grep -v '^\To: |^\Date: |^\Subject: ' fileA.txt >> fileA_1.txt && rm fileA.txt && sed -i -e 's/\(Date: \|Subject: \|To: \)//g' fileA_1.txtHow do I apply it to all the files in the folder (each file has a... (7 Replies)
Discussion started by: guilliber
7 Replies
LEARN ABOUT DEBIAN
booleans
booleans(8) SELinux Command Line documentation booleans(8)
NAME
booleans - Policy booleans enable runtime customization of SELinux policy.
DESCRIPTION
This manual page describes SELinux policy booleans.
The SELinux policy can include conditional rules that are enabled or disabled based on the current values of a set of policy booleans.
These policy booleans allow runtime modification of the security policy without having to load a new policy.
For example, the boolean httpd_enable_cgi allows the httpd daemon to run cgi scripts if it is enabled. If the administrator does not want
to allow execution of cgi scripts, he can simply disable this boolean value.
The policy defines a default value for each boolean, typically false. These default values can be overridden via local settings created
via the setsebool(8) utility, using -P to make the setting persistent across reboots. The system-config-securitylevel tool provides a
graphical interface for altering the settings. The load_policy(8) program will preserve current boolean settings upon a policy reload by
default, or can optionally reset booleans to the boot-time defaults via the -b option.
Boolean values can be listed by using the getsebool(8) utility and passing it the -a option.
Boolean values can also be changed at runtime via the setsebool(8) utility or the togglesebool utility. By default, these utilities only
change the current boolean value and do not affect the persistent settings, unless the -P option is used to setsebool.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>. The SELinux conditional policy support was developed by Tresys Technology.
SEE ALSO
getsebool(8), setsebool(8), selinux(8), togglesebool(8)
dwalsh@redhat.com 11 Aug 2004 booleans(8)