Find the answer to your Linux question:
Results 1 to 2 of 2
I have FINALLY taken the blinders off my Solaris eyes and have delved into the unix? world we now know as RHEL6. I am in the process of "hardening" a ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! HDBNGR's Avatar
    Join Date
    Jul 2013
    Location
    Chester, NH
    Posts
    1

    Ensure No Device Files are Unlabeled by SELinux


    I have FINALLY taken the blinders off my Solaris eyes and have delved into the unix? world we now know as RHEL6.

    I am in the process of "hardening" a RHEL6 workstation and one of my tasks is to "Ensure No Device Files are Unlabeled by SELinux"

    Device files, which are used for communication with important system resources, should be labeled with proper SELinux types. If any device files carry the SELinux type unlabeled_t, investigate the cause and correct the file's context.

    How does one determine if devices files are "unlabeled_t"?
    TIA

  2. #2
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    Quote Originally Posted by HDBNGR View Post
    How does one determine if devices files are "unlabeled_t"?
    From checking the audit log (ausearch with '-se unlabeled_t'?) or running 'find /some/path/ -context "*:unlabeled_t";'?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •