5

Very strict SELinux for application

view full story
linux-howto

http://forums.fedoraforum.org – Hi, I don't know very much about SELinux so I need your tips how to achieve what I want to do. I don't need a solution but hints where to start and what to read. I want to have an application which is allowed to read/write a config file, update the system (using yum) and updating itself and has access to some of the hardware. Nothing else should be possible. The application will be started on bootup and closing it will shutdown the hole system. There should be no user or at least not more users then needed to boot the system and run the app. How do I know which system services (e.g. (HowTos)

xiooo's picture
Submitted by xiooo on 11/01/2012 – Made popular on 11/01/2012

Stories similar to Very strict SELinux for application

Hi all, i came across the following method of how to permanently disabling selinux and it's notifications. Although changing enforcement from the gui into permissive mode does most of the job, the notifications still pop-up when some applications are started. So to disable it do the following:

open terminal as root and execute:

On a recent install I cannot get system-config-selinux to start, it gives :

Code: Traceback (most recent call last):   File "/usr/share/system-config-selinux/system-config-selinux.py", line 57, in <module>     gnome.program_init("SELinux Management Tool", "5") AttributeError: 'module' object has no attribute 'program_init' when started

SeLinux - The fun never ends. 23 weeks 6 days ago

So we're supposed to be able to understand SeLinux? Over the last few days while using Fedora 18 Beta I've been seeing some SeLinux warnings while doing system wide searches. While I've been able to handle SeLinux issues on my own (for the most part) this proposed solution baffles me.

Does anyone know which sebool it is to allow httpd write access to /home/user/html? When I disable selinux echo 0 > /selinux/enforce I can write, so definitely selinux. Just don't know which one is the right one without opening a big hole and Google isn't being much help.

#[/home]ls -Z drwxr-x---.

I set selinux to permissive in the config file.

new ubuntu user. after boot (boot is quite fast), opening applications such as firefox, libra, system settings, takes close to 10 seconds to open. after the application is loaded in RAM, the application opens fine.

the system feels snappy, quick. when i have two FIREFOX open, unity is snappy in showing me the two windows side by side.

I am working on QNX 6.5 Operating system. QNX 6.5 supports POSIX APIs. I am trying to build an application which is used to evaluate performance of hard-disks. My application will read/write/read after write a user defined data buffer of size in KB or MB continuously to the hard-disk from start sector to end sector.

I need to run my QT GUI application immediately when my linux system starts. I do not need any other things apart from this QT GUI application ..

I am trying to find a lightweight way to start an application on a remote Windows7 machine from linux.

The following are my boundary conditions:

The Windows7 system is located in the same subnet on the same LAN as the Linux machine. If needed, a local user account with administrator privileges is available on that machine and the password is known. The application which should be started on th