[redhat-lspp] Policy for aide

Matt Anderson mra at hp.com
Mon Nov 6 17:36:24 UTC 2006


Here is an initial attempt at an aide policy.  So far I've only been
testing it on strict-mls so if you are using the Tresys reference policy
Makefile.example you'll need to use TYPE=strict-mls as an option to
build it.

This policy assumes that /var/lib/aide/ exists and is aide_db_t:SysHigh.
It does not allow aide_t to read shadow_t, even though it is common
to have aide check the shadow files, since there is an assert in the
policy against types reading shadow_t.  Aide can complete its scan
without being able to read shadow files with only a little complaining.
The testing of this policy has focused on using James Antill's
aide.conf and his patched version of aide which is SELinux aware.
http://people.redhat.com/jantill/aide/

-matt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: aide.fc
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061106/c5e5ceb1/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: aide.if
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061106/c5e5ceb1/attachment-0001.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: aide.te
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061106/c5e5ceb1/attachment-0002.ksh>

