Linux systems have a rather nice auditing framework built into the kernel. This framework consists of a kernel component that inspects and filters events and a userland daemon (auditd) that takes the events and archives them to persistent storage. These audit log events can then be searched and summarized with the ausearch and aureport utilities. […]
Archive for 'Linux SELinux'
The Linux kernel has supported NFS for as long as I can remember. All of the major distributions (Redhat, CentOS, Fedora, Suse, Ubunut) ship with NFS client and server support and have all of the user land daemons and tools needed to configure and debug NFS. I spent some time this past weekend bringing up […]
I have been spending a good bit of time playing with SELinux, which has required me to learn how to debug issues that arise due to its use. The most common issues that arise are usually related to security context mismatches. This can occur because somebody modified a file and didn’t bother to chcon a […]