SELinux couple of questions

Support for security such as Firewalls and securing linux
dimko
Posts: 1
Joined: 2018/02/11 03:48:07

SELinux couple of questions

Postby dimko » 2018/02/11 04:09:37

Hello fellow Geeks,

Trying to get consistent understanding of SELinux

Can already solve real world problems, but I am lucking solid understanding.
Anyone has any good documentation?

I am struggling to understand modules/rules. I can understand following: user:role:type:range I understand difference between user in OS and user in SELinux,
But where rules are coming from? Where modules come from? I need detailed manual with explanation of every concept that concerns. Which brings to actual problem.

    Problem 1:
I have read this: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7-beta/html-single/selinux_users_and_administrators_guide/#sect-Security-Enhanced_Linux-Booleans-Shell_Auto-Completion

Auto completion doesn't seem to work for me. Lets say I type

Code: Select all

semanage logi
' I hit TAB and nothing happens, when supposed to autocomplete to '

Code: Select all

semanage login
Does it work for anyone else?

I have Centos 7, freshly updated. semanage is installed today. Virtual machine(KVM). AMD64 issue reproducible from window of VM and from SSH. General autocompletion works fine.

    Problem 2:
And second question that bothers me. Does SELinux have its own set of regular expressions?
From same documentation: 'The "

Code: Select all

/web(/.*)?
" regular expression causes semanage to apply changes to web/, as well as the files in it.' Why not

Code: Select all

/web/*
?