Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Solve Security-Enhanced Linux Issues With Ease Using SELinux Alert Browser

posted by Fnord666 on Sunday February 12 2017, @02:36PM   Printer-friendly
from the easier-troubleshooting dept.

-- OriginalOwner_ writes:

Jack Wallen asks via TechRepublic

Has SELinux got you down by blocking your apps or causing general havoc? Instead of disabling it, discover how to use the SELinux Alert Browser to solve those problems.

If you're using a Linux distribution that takes advantage of SELinux, such as CentOS, Red Hat, Fedora, or SUSE, you know it can be a blessing and a curse. While SELinux is an incredibly powerful tool that goes a very long way to keep your Linux-powered machines secure, it can be a nightmare to configure. Fortunately, there is a tool called SELinux Alert Browser that can ease those troubles.

With SELinux Alert Browser, you can get quick solutions when SELinux is causing you issues. In fact, you'd be hard-pressed to find an easier route to solving your SELinux-based headaches.

[...] The Troubleshoot button will reveal possible actions you can take to resolve your issue. In some cases sealert will instruct you how to have SELinux stop auditing the issue; in other cases sealert will show how to generate a new policy module that allows an object (such as xenconsoled) access to a resource.

When SELinux Alert Browser makes suggestions, they will be in the form of commands you can run to solve the problem. If you agree with the suggestion offered by sealert, go back to the Terminal window and issue the suggested command(s). Hopefully, your issue will be resolved. If you're unsure that access should be allowed, I highly recommend doing research before issuing the suggested command(s).

Any Soylentils ever get so fed up with SELinux that you just disabled it? Think this might have avoided that?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Solve Security-Enhanced Linux Issues With Ease Using SELinux Alert Browser | Log In/Create an Account | Top | 13 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by Scruffy Beard 2 on Monday February 13 2017, @04:01AM

    by Scruffy Beard 2 (6030) on Monday February 13 2017, @04:01AM (#466440)

    Not sure if parent is informative or trolling...

    The NSA appears to have a similar mission. You conveniently omitted the signals intelligence aspect of their mandate:

    to acquire and use information from the global information infrastructure for the purpose of providing foreign intelligence, in accordance with Government of Canada intelligence priorities;

    Canada participates in Five Eyes [wikipedia.org]

    Where being based in Canada helped Open BSD was when they were able to ship with strong cryptography world-wide. The US prohibited the export of strong encryption at the time. However, they did allow the importation of strong encryption.

  • (Score: 2) by butthurt on Monday February 13 2017, @06:23AM

    by butthurt (6141) on Monday February 13 2017, @06:23AM (#466470) Journal

    The CSE is Canada's analogue to the NSA. It has a similar remit. The topic is SELinux, which is software written by the NSA to make Linux more secure. The CSE, I suggested, could do something similar for OpenBSD.

    Omitting information I deem irrelevant, while noting the omission and linking to the full information, is trolling?

    • (Score: 1) by Scruffy Beard 2 on Monday February 13 2017, @05:12PM

      by Scruffy Beard 2 (6030) on Monday February 13 2017, @05:12PM (#466664)

      Well, I missed that (implied) suggestion.

    • (Score: 0) by Anonymous Coward on Wednesday February 15 2017, @09:33PM

      by Anonymous Coward on Wednesday February 15 2017, @09:33PM (#467604)

      No, they really couldn't. The OpenBSD devs are dead-set against adding what they see as needless complexity.

      • (Score: 1) by butthurt on Wednesday February 15 2017, @09:52PM

        by butthurt (6141) on Wednesday February 15 2017, @09:52PM (#467609) Journal

        The CSE's spying activities that Scruffy Beard 2 brought up might raise eyebrows, too.