File System Security Contexts - Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual

Chapter 2. SELinux Policy Overview

7. init then re-executes itself so that it can transition to a different domain, if the policy defines it. For the targeted policy, there is no transition defined and init remains in the unconfined_t domain.

8. At this point, init continues with its normal boot.

The reason for init to re-execute itself is to accommodate stricter SELinux policy controls. The objective of a re-execution is to transition to a new domain with its own granular rules. The only way a process can gain a domain is during execution, meaning such programs are the only entry points into the domains. For example, if the policy has a specific domain for init such as init_t, there has to be a method to get from the initial SID, such as kernel, to the proper runtime domain for init. Because this transition may need to occur, init is coded to re-execute itself after loading the policy.

This transition with init happens if the rule domain_auto_trans(kernel_t, init_exec_t, target_domain_t) is present in the policy. This rule states that an automatic transition occurs on anything executing from the kernel_t domain that executes a file of type init_exec_t. When this execution occurs, the new process is assigned the domain target_domain_t, using an actual target domain such as init_t.

2.4. File System Security Contexts

This section covers how file system security contexts are defined and stored.

SELinux stores file security labels in xattrs [1]. For more information about xattrs, read the manual pages for attr(5), getfattr(1), and setfattr(1). Xattrs are stored as name-value property pairs associated with files. SELinux uses the security.selinux attribute. The xattrs can be stored with files on a disk or in memory with pseudo file systems. Currently, most file system types support the API for xattr, which allows for retrieving attribute information with getxattr(2).

Some non-persistent objects can be controlled through the API. The pseudo-tty system controlled through /dev/pts is manipulated through setxattr(2), enabling programs such as sshd to change the context of a tty device. Information about the tty is exported and available through getxattr(2).

However, libselinux provides a more useful set of functions layered on top of the xattr API, such as getfilecon(3), setfilecon(3), and setfscreatecon(3).

Tip

It is recommended to use libselinux when managing file attributes in SELinux programmatically.

There are two approaches to take for storing file security labels on a file system, such as ext2 or ext3. One approach is to label every file system object (all files) with an individual security attribute [2]. Once these labels are on the file system, the xattrs become authoritative for holding the state of security labels on the system.

The other option is to label the entire file system with a single security attribute. This is called genfs labeling. One example of this is with ISO9660 file systems, which are used for CD-ROMs and .iso files. This example from $SELINUX_SRC/genfs_contexts defines the context for every file on an ISO9660 file system.

1. Extended attributes are also called EAs. To be more concise, the term xattr is used in this guide.

2. These are defined initially for the system in $SELINUX_SRC/file_contexts/types.fc. This file uses regular expression matching to associate the files on a particular path with a particular security label. These contexts are rendered into the installed version at /etc/selinux/targeted/contexts/files/file_contexts, and are used during installation of the operating system and software packages, or for checking or restoring files to their original state.
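The three mechanisms this section describes, the security.selinux xattr on each file, the regular-expression file_contexts lookup from footnote 2, and genfs labeling of a whole file system, can be exercised together in one small Python script. This is an added example and not code from the guide, from the reference policy or from libselinux: the file_contexts and genfs_contexts samples below are constructed for illustration, and the two resolution rules it applies (the last matching file_contexts entry wins; the longest matching genfscon path prefix wins) are assumptions that mirror how libselinux's matchpathcon(3) and the kernel resolve them. Reading the xattr uses Python's os.getxattr, a thin wrapper over getxattr(2); where the host has no SELinux or the file system carries no such attribute the call fails, and the helper reports that as None rather than raising.

```python
import os
import re
import tempfile

# Constructed sample in the file_contexts / types.fc layout:
# <anchored regex>  [<file type flag>]  <security context>
# "<<none>>" means: do not label matching paths (as in real file_contexts).
SAMPLE_FILE_CONTEXTS = """
# regex                      type   context
/.*                                 system_u:object_r:default_t
/etc(/.*)?                          system_u:object_r:etc_t
/etc/shadow                  --     system_u:object_r:shadow_t
/dev/pts(/.*)?                      system_u:object_r:devpts_t
/usr/sbin/sshd               --     system_u:object_r:sshd_exec_t
/proc/.*                            <<none>>
"""

# Constructed sample in the genfs_contexts layout:
# genfscon <fstype> <path prefix> <security context>
SAMPLE_GENFS_CONTEXTS = """
genfscon iso9660 /       system_u:object_r:iso9660_t
genfscon proc    /       system_u:object_r:proc_t
genfscon proc    /kmsg   system_u:object_r:proc_kmsg_t
"""


def parse_file_contexts(text):
    """Parse file_contexts lines into (compiled regex, file-type flag, context)."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split()
        if len(parts) == 3:
            regex, ftype, context = parts
        elif len(parts) == 2:
            (regex, context), ftype = parts, None
        else:
            raise ValueError(f"malformed file_contexts line: {line!r}")
        # libselinux anchors each expression to the whole path.
        entries.append((re.compile("^" + regex + "$"), ftype, context))
    return entries


def match_file_context(entries, path, ftype=None):
    """Return the context for path; last matching entry wins, <<none>> -> None.
    ftype is the file-type flag ("--" regular file, "-d" directory, ...);
    an entry carrying a flag only applies to objects of that type."""
    result = None
    for regex, entry_type, context in entries:
        if entry_type is not None and ftype is not None and entry_type != ftype:
            continue
        if regex.match(path):
            result = context
    return None if result == "<<none>>" else result


def parse_genfs_contexts(text):
    """Parse genfscon statements into (fstype, path prefix, context)."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, fstype, prefix, context = line.split()
        if keyword != "genfscon":
            raise ValueError(f"unexpected statement: {line!r}")
        entries.append((fstype, prefix, context))
    return entries


def match_genfs_context(entries, fstype, path):
    """Label for a path on a genfs-labeled file system: longest prefix wins."""
    best = None
    for entry_fstype, prefix, context in entries:
        if entry_fstype != fstype:
            continue
        if path == prefix or path.startswith(prefix.rstrip("/") + "/"):
            if best is None or len(prefix) > len(best[0]):
                best = (prefix, context)
    return best[1] if best else None


def read_selinux_label(path):
    """Read the security.selinux xattr via getxattr(2); None if unavailable."""
    getxattr = getattr(os, "getxattr", None)  # Linux-only function
    if getxattr is None:
        return None
    try:
        raw = getxattr(path, "security.selinux")
    except OSError:  # ENODATA / ENOTSUP: no label stored, or no xattr support
        return None
    return raw.rstrip(b"\x00").decode()


if __name__ == "__main__":
    fc = parse_file_contexts(SAMPLE_FILE_CONTEXTS)
    gc = parse_genfs_contexts(SAMPLE_GENFS_CONTEXTS)
    for p, t in [("/etc/shadow", "--"), ("/dev/pts/3", None), ("/proc/cpuinfo", None)]:
        print(f"{p:16} -> {match_file_context(fc, p, t)}")
    print("iso9660 /pub/a.txt ->", match_genfs_context(gc, "iso9660", "/pub/a.txt"))
    with tempfile.NamedTemporaryFile() as tmp:
        print("xattr on temp file ->", read_selinux_label(tmp.name))
```

Running this on an SELinux host prints the temp file's real label (for example a tmp_t type); on a host without SELinux it prints None, which is the case code managing labels must be prepared for. The file_contexts matcher is deliberately the regex-driven lookup the footnote describes, not a replacement for matchpathcon(3): production code should call libselinux, as the tip above recommends.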