RedHat – Ryan Chapin's Website

How To Compile and Install New SELinux Plicy Modules

Posted on February 2, 2018January 23, 2021 by rchapin

Following is a quick how-to on compiling and adding addition SELinux modules.

When configuring and deploying new and/or custom services on systems that are enforcing SELinux you will likely have to compile addition SELinux modules.

This how-to includes how to go through each step of compiling a new module one-by-one; similar to the model of breaking down the compilation of C and C++ into it’s composite steps.

Step 1: Gather the audit.log entries

You will need to determine which → Continue reading “How To Compile and Install New SELinux Plicy Modules”

[SOLVED] Unable to Customize Keyboard Shortcuts for Switching Between More Than 4 Workspaces in GNOME on CentOS 7 or RHEL 7

Posted on August 22, 2017January 23, 2021 by rchapin

I am working on a VM that is running GNOME under RHEL 7 and I typically run with 12 workspaces. The default GNOME install only has the keyboard shortcut configurations up to “Switch to workspace 4”.

It turns out that the solutions is to use the gsettings cli tool to add additional shorcuts.

$ gsettings set org.gnome.desktop.wm.keybindings switch-to-workspace-5 "[\"<ControlF5\"]"
$ gsettings set org.gnome.desktop.wm.keybindings move-to-workspace-5 "[\"<Alt5\"]"

→ Continue reading

How to See SELinux Denials That Do Not Show In the audit.log

Posted on July 20, 2017January 23, 2021 by rchapin

Or, otherwise know as: SELinux and Silent Denials.

Sometimes when troubleshooting SELinux issues, you will have added new policies for each of the denial causes written to the audit.log, but SELinux will still be denying access . . . and not giving you any further information about it in the audit.log.

Various processes often execute additional system calls that are above an beyond what they need to do for normal operation. Many of them are blocked, and in order to → Continue reading “How to See SELinux Denials That Do Not Show In the audit.log”