Archive for 'Linux SELinux'

Using Linux auditing to observe program executions and file accesses

Linux systems have a rather nice auditing framework built into the kernel. This framework consists of a kernel component that inspects and filters events and a userland daemon (auditd) that takes the events and archives them to persistent storage. These audit log events can then be searched and summarized with the ausearch and aureport utilities. […]

Configuring a Linux NFS server in a SELinux-managed environment

The Linux kernel has supported NFS for as long as I can remember. All of the major distributions (Redhat, CentOS, Fedora, Suse, Ubunut) ship with NFS client and server support and have all of the user land daemons and tools needed to configure and debug NFS. I spent some time this past weekend bringing up […]

How to debug SELinux service issues

I have been spending a good bit of time playing with SELinux, which has required me to learn how to debug issues that arise due to its use. The most common issues that arise are usually related to security context mismatches. This can occur because somebody modified a file and didn’t bother to chcon a […]