[DRBD-user] selinux configuration for drbd on centOS 7.x

Andreas Pflug pgadmin at pse-consulting.de
Fri Jun 14 12:09:07 CEST 2019


Am 14.06.19 um 11:58 schrieb Robert Altnoeder:
> On 6/14/19 1:13 AM, Jagdish kumarDaram wrote:
>> Hi,
>>
>> What are the selinux parameters that should be used for drbd_t on
>> centOS 7.x?
> 
> Parameters? Do you mean the type enforcement rules involving the drbd_t
> type/domain?
> That would probably depend a lot on the exact environment, as different
> distributions may come with different types/domains configured, or may
> be targeted vs. strict setups, etc.
> A good starting point would probably be to use whatever policy came with
> the distribution, turn on the audit trail and run it in permissive mode
> on a test system to find out which rules are missing during normal
> operation with the applications you intend to run.

audit2allow is your friend to examine the audit log.

Regards
Andreas


More information about the drbd-user mailing list