SELinux contexts for Tenable software
by Brian-BBCM from LinuxQuestions.org on (#5PW64)
Hello,
We use the Tenable.sc scanner to monitor our network for compliance. As it turns out one of the only items left I need to fix has to do with the Tenable software itself. The following item are "unconfined" daemons according to SELinux. Does anyone have any recommendations on what context I should switch these two, or how else I can make them confined? Thank you
lce_wwwd
lce_clientd
tnmd
tfmd
lce_queryd
lce_tasld
lce_report_prox
lced
I was thinking of creating a new context called lce_t but didn't know if that was possible.
We use the Tenable.sc scanner to monitor our network for compliance. As it turns out one of the only items left I need to fix has to do with the Tenable software itself. The following item are "unconfined" daemons according to SELinux. Does anyone have any recommendations on what context I should switch these two, or how else I can make them confined? Thank you
lce_wwwd
lce_clientd
tnmd
tfmd
lce_queryd
lce_tasld
lce_report_prox
lced
I was thinking of creating a new context called lce_t but didn't know if that was possible.