2 years ago

How to decode HEX strings in audit logs?

When a record in audit log contains a white space, it's encoded to HEX string, e.g.: type=PROCTITLE msg=audit(1449583261.740:1899): proctitle=2F7573722F62696E2F7065726C002F7573722F73686172652F61777374…

2 years ago

SELinux tricks - auditallow

Sometimes, you want to know when an SELinux rule is used, e.g. when/if sshd opens an authorized_keys file in a user home. You can use auditallow rule for that and check audit log: # cat > auditsshd…

2 years ago

SELinux tricks - permissive domain

Sometimes, you hit a policy issue, make non-standard configuration changes or you just need a daemon to work regardless of SELinux restriction. In these cases you might want to switch a domain to be p…

2 years ago

SELinux modules and priority

introduction The new SELinux modules storage in /var/lib/selinux/ allows to use priority on SELinux modules. # ls /var/lib/selinux/targeted/active/modules 100 400 disabled The default priority and…

2 years ago

libselinux-2.3-9 updates in Fedora

Fedora   libselinux  

I've just pushed updates with libselinux-2.3-9 to Rawhide, Fedora 22 and Fedora 21. The updates are based on fedora-selinux/selinux commit 4395ef2b8bb086878b5fad80321ac9d32f424f51. Download, test and…