![]() SELinux policy is customizable based on least access required. SELinux does not deny access to permissive process types, but the AVC (SELinux denials) messages are still generated. Keepalived_t, keepalived_unconfined_script_tĬan be used to make the process type keepalived_t permissive. The following process types are defined for keepalived: SELinux keepalived policy is very flexible allowing users to setup their keepalived processes in as secure a method as possible. ![]() ![]() Policy governs the access confined processes have to files. You can see the context of a process using the -Z option to psP ![]() SELinux defines process types (domains) for each process running on the system The default entrypoint paths for the keepalived_t domain are the following: The keepalived_t SELinux type can be entered via the keepalived_exec_t file type. You can check if you have these processes running by executing the ps command with the -Z qualifier. The keepalived processes execute with the keepalived_t SELinux type. Security-Enhanced Linux secures the keepalived processes via flexible mandatory access control. Keepalived_selinux - Security Enhanced Linux Policy for the keepalived processes
0 Comments
Leave a Reply. |