Note, extra privileges may need to be granted to the samhain domain
if its default configuration file (/etc/samhainrc) is changed.

The samhain program could be used in the following way:

(In secadm_r role)
1. Initialize filesystem signature database:
   newrole -l s15:c0.c1023 -p -- -c "samhain -t init"
   (Note, the current secadm console will be blocked until
   the database is completed)

2. Start samhain daemon to check filesystem integrity:
   newrole -l s15:c0.c1023 -p -- -c "samhain -t check -D"

3. Update filesystem signature database:
   newrole -l s15:c0.c1023 -p -- -c "samhain -t update"

(In sysadm_r role)
1. Start samhain in daemon mode:
   run_init /etc/init.d/samhain start

2. Stop samhain daemon:
   run_init /etc/init.d/samhain stop

3. Check samhain daemon status:
   run_init /etc/init.d/samhain status

4. Read/write samhain log files:
   newrole -l s15:c0.c1023 -p -- -c "cat /var/log/samhain_log"

5. Remove samhain database files:
   newrole -l s15:c0.c1023 -p -- -c "rm /var/lib/samhain/samhain_file"

Note:
1. Stop samhain daemon before updating signature database.
2. Don't try to start samhain daemon twice.
3. Need to toggle SELinux into the Permissive mode in order to remove
   the samhain_log files from /var/log/.

Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>