custom selinux - selinux - Fedora Mailing-Lists

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

custom selinux

Error while running setsebool

SELinux is preventing mktemp from...

al so

Wednesday, 26 January 2022 Wed, 26 Jan '22

6:53 p.m.

On a system where SELinux is enforced, how to selectively disable SELinux on a few custom linux processes without impacting the rest?

Attachments:

attachment.html (text/html — 155 bytes)

Reply

Show replies by date

al so

Wednesday, 26 January Wed, 26 Jan

6:58 p.m.

Better yet, how to selectively enable Permissive mode for only a few linux processes on a system where SELinux is globally enforced? It is going to be an interim measure only before you dismiss it as insecure practice. On Wed, Jan 26, 2022 at 4:53 PM al so <volkswak(a)gmail.com> wrote:

On a system where SELinux is enforced, how to selectively disable SELinux on a few custom linux processes without impacting the rest?

Reply

Thomas Mueller

Thursday, 27 January Thu, 27 Jan

1:15 a.m.

On 1/27/22 01:58, al so wrote:

Better yet, how to selectively enable Permissive mode for only a few linux processes on a system where SELinux is globally enforced? It is going to be an interim measure only before you dismiss it as insecure practice.

On Wed, Jan 26, 2022 at 4:53 PM al so <volkswak(a)gmail.com> wrote: On a system where SELinux is enforced, how to selectively disable SELinux on a few custom linux processes without impacting the rest? Check the `semanage permissive` command (in fedora 35 its in package: policycoreutils-python-utils). You'll need to figure out, what type your process runs as (maybe `ps -efZ`) Examples from the man page: List all permissive modules # semanage permissive -l Make httpd_t (Web Server) a permissive domain # semanage permissive -a httpd_t

Reply

819

days inactive

819

days old

selinux@lists.fedoraproject.org

Manage subscription

2 comments

2 participants

tags (0)

participants (2)

al so
Thomas Mueller