Server 24/7

I am Vitalijus Ryzakovas. This is my LINUX/UNIX blog.

Skip to content

Home
get linux support
Linux maintenance
My CV

Custom selinux rule fro virtd_lxc_t

2 Replies

We need create new Type Enforcement policy:

cat > virtd_lxc_t.te

module lxc 1.0; 

require {
        type hald_t;
        type virtd_lxc_t;
        class dbus send_msg;
}

#============= hald_t ==============
allow hald_t virtd_lxc_t:dbus send_msg;

and this for manually compile and load the edited custom Selinux policy module:

checkmodule -M -m -o virtd_lxc_t.mod virtd_lxc_t.te
semodule_package -o virtd_lxc_t.pp -m virtd_lxc_t.mod
semodule -i virtd_lxc_t.pp

This entry was posted in linux and tagged selinux on August 12, 2013 by Vitalijus Ryzakovas.

Post navigation

← LXC container on Centos Install Centos guest with Qemu KVM →

2 thoughts on “Custom selinux rule fro virtd_lxc_t”

Javier March 11, 2014 at 10:04 pm

I follow this procedure to create security policy but in the last step semange tell me ” Failed “.

Regards…..,

Reply ↓
Gregg Leventhal February 23, 2015 at 3:05 pm

Thanks a lot! This seemed to work great!

Reply ↓

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Comment *

Name *

Email *

Website

Δ

logo

Linux blog search

Search for:

Tag cloud

My Linkedin

Recent Posts

many php extensions at once
wireguard-ui without docker
kibana add enrollment token cli
PMM
mysql dump triggers only

Recent Comments

Samuel on ERROR 1410 (42000): You are not allowed to create a user with GRANT
Yaniv Illouz on [ERROR FileContent–proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
Sagar Kai on bash extract domain from url
Mor on mounted filesystem discovery exclude zabbix
Tanvir on php7.4-dev : Depends: libssl-dev but it is not going to be installed

Archives

Categories

Domains
Hosting
linux
Linux networking
misc
Uncategorized
Unix
Virtualization
VPS

Proudly powered by WordPress

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More

Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT