All Questions
64
questions
0
votes
0
answers
210
views
Enabling Selinux on debian-based system
I just want to know if there is a way to enable SElinux on a Debian-based system. I'm currently running parrot OS with what a think is Debian 10 and I'm having problem enabling Selinux on it. When I ...
2
votes
1
answer
937
views
Tomcat runs from the command line, but will not start as a systemd service
I have built an Apache Tomcat 9.0.83 server on Oracle Linux 9 which will not start as a systemd service, but it does work if you run it from the command line.
sudo su - tomcat /u01/tomcat/my_server/...
- 131
1
vote
1
answer
4k
views
How do I disable "suspend to RAM", and enable "suspend to idle"?
I found some threads and articles with lots of info on this topic but I can't seem to make sense of it just yet. I'm running Fedora workstation with secure boot and full disk encryption on an Asus tuf ...
forestsounds89
0
votes
1
answer
839
views
Arch: unable to write to pipe (Broken pipe) when installing selinux-refpoicy-arch
I'm setting up selinux on my arch system, every library successfully built and the modules were installed, but attempting to apply the reference policies supplied by selinux-refpolicy-arch fails after ...
- 11
1
vote
1
answer
493
views
Can environment variables be made immutable?
With the recent discovery of the Symbiote vulnerability, it is now apparent that we need a mitigation for LD_PRELOAD injection attacks and similar. One way we may be able to prevent this exploitation ...
- 1,017
1
vote
0
answers
314
views
Fedora Tor Failed to bind one of the listener ports
Tor Log:
Jun 03 15:12:53.463 [notice] Tor 0.4.7.7 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1n, Zlib 1.2.11, Liblzma 5.2.5, Libzstd 1.5.2 and Glibc 2.34 as libc.
Jun 03 15:12:53.463 [...
- 1
1
vote
0
answers
197
views
SELinux - add access rights for a new type
I am new to SELinux and I need to create a new type for a file and then specify access rights for a standard Linux user with its security context: user_u : user_r : user_t. I created new module (.te ...
- 11
0
votes
0
answers
355
views
Why does a shared samba directory show different file permissions?
The file permission in my samba server (local filesystem) are as follows:
-rw-r-----+ 1 sambaserver sambaserver 49 Jan 9 01:14 staticfile.md
However, when accessed remotely through a client, the ...
- 11
1
vote
0
answers
219
views
Use SELinux(?) to disable root access to iptables for procrastination
This might not be a problem for you but I suffer from poor impulse control and as a result constant procrastination while in front of a computer. I can't procrastinate much on my phone because I ...
- 11
0
votes
1
answer
233
views
Selinux: changing root mapping
I want to control some accesses of root in Linux- fedora, for example, I want to run a process and I want root not to be able to kill it.
I use SELinux and I changed root mapping from unconfined to ...
- 1
1
vote
1
answer
769
views
How to add a capability to SELinux custom role?
I created a role foo_r, and I would like that a user with this role, can open a reserved port (< 1024) with the CAP_NET_BIND_SERVICE capability.
For this I added a security context:
policy_module(...
- 11
0
votes
0
answers
350
views
How can I get my gnome lockscreen as default instead of the grey system one?
Suddenly my lockscreen changed from the gnome (blue one) lockscreen that detects the username and asks for password to the login screen that asks for both username and password. I am trying to get it ...
0
votes
1
answer
484
views
CentOS 8 auditd AVC denials message flood caused by denied setuid
Today my CentOS 8 suddenly frozen and not responding to user inputs.
When I tried to login from console, I saw messages like these:
audit: backlog limit exceeded
audit: backlog limit exceeded
audit: ...
- 1
0
votes
1
answer
552
views
How can an SELinux filesystem be relabeled in an unpacked squashfs filesystem?
I am trying to configure selinux for a live boot Debian system.
SELinux is inoperable due to copious changes during build and system configuration and requires the entire filesystem to be relabeled. ...
- 79
0
votes
0
answers
72
views
Is it possible to limit the permissions of a user based on his or her actions?
I'm currently working on a research project, that includes the question, if it is possible to implement a Chinese-Wall based information flow control model based on SELinux. One of the core principles ...
