On 04/06/2016 08:04 PM, Naina Emmanuel wrote:
Thanks for the response... Please tell that how can we map the service running to its module? My use case is, ps -efZ will tell which services are running(enforced modules) how can we map that running service to its module( that is applying a policy to that Service?)
Vit Mojzis can help you here.
Thansk in advance Engr. Naina Emmanuel On Apr 5, 2016 2:51 PM, "Miroslav Grepl" <mgrepl@xxxxxxxxxx <mailto:mgrepl@xxxxxxxxxx>> wrote: On 04/03/2016 10:20 AM, Naina Emmanuel wrote: > Good Afternoon > Can u please help me and tell... > 1) how we can check, which policy modules are actually enforced? means > which services are being secured by selinux. because #semodule -l gives > loaded modules, but which are being secured how can we check that???* > * Good point. You can play around $ seinfo -xadomain > 2) If i dont understand any macro, from where i can get its description > or help?* You are looking for $ firefox /usr/share/doc/selinux-policy/html/index.html $ rpm -qf /usr/share/doc/selinux-policy/html/index.html selinux-policy-doc-3.13.1-180.fc25.noarch > * > * > * > * > *thanks in advance > * > * > * > * > * > /Engr. Naina Emmanuel/* > *Linux Essential Certified (LEPDC)** > * > *Cisco Certified Network Associate (CCNA)* > *Computer Engineering Department, UET Taxila > * > *Information Security, CS Department, CIIT Islamabad > * > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx <mailto:selinux@xxxxxxxxxxxxxxxxxxxxxxx> > http://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx > -- Miroslav Grepl Senior Software Engineer, SELinux Solutions Red Hat, Inc. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx
-- Lukas Vrabec SELinux Solutions Red Hat, Inc. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx
