[SOLVED] SELinux: Security Level (s0) shows on some servers and not others
We have a number of different servers all running the same version of RHEL, on the same kernel, all up to date on patches, etc. They have the same SELinux policies applied and the same /etc/selinux/config files.
Yet, on some systems, when I do an ls -lZ on, for example, /etc/httpd/conf the SELinux contexts will show as system_u:object_r:httpd_config_t but on other systems the exact same thing will show system_u:object_r:httpd_config_t:s0.
Why does the 's0' show on some servers and not others? Is there an SELinux setting that I'm missing that controls this? I've looked through the file_contexts and on all servers, it shows that /etc/httpd(/.*)? includes the s0.
Thanks for any tips on this.
Last edited by unSpawn; 08-21-2013 at 04:02 PM.
Reason: //Added vBB noparse tags
I agree. All of our SELinux policies are "targeted." I even tried checking to see if one system was Enforcing and another Permissive just in case that would make a difference. I figured there didn't seem to be any other variable I could look at. But they were both Enforcing.
The level remains the same regardless of what state SELinux is in. There are no variables to look at, as the level doesn't matter if you're using a "targeted", and not an MLS, policy.
Yeah, I don't get why they're displayed differently on different servers. I did check that file, @Linux MR. The file on both systems is identical. I'm at a loss.
As it turns out, the common thread here is the mcstransd service. With the service running, it does NOT display the Security Level and with the service stopped, the Service Level is displayed when you use the -Z to list files or processes, etc.
The article that talks about this can be found at:
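As an added example (not part of the original thread), the sketch below compares `ls -Z` labels collected from two hosts and separates real label drift from the display-only difference described above. The function names, verdict strings and sample listings are constructed for illustration, and it assumes, as observed in the thread, that a running mcstransd hides only a bare `s0`.

```python
from typing import NamedTuple, Optional

class Context(NamedTuple):
    user: str
    role: str
    type: str
    level: Optional[str]  # None when the listing showed no level field

def parse_context(text: str) -> Context:
    # A level can itself contain colons (s0:c0.c1023), so split at most 3 times.
    parts = text.strip().split(":", 3)
    if len(parts) < 3 or not all(parts[:3]):
        raise ValueError(f"not an SELinux context: {text!r}")
    level = parts[3] if len(parts) == 4 and parts[3] else None
    return Context(parts[0], parts[1], parts[2], level)

def compare(a: str, b: str) -> str:
    ca, cb = parse_context(a), parse_context(b)
    if ca[:3] != cb[:3]:
        return "label-drift"      # user, role or type really differs
    if ca.level == cb.level:
        return "match"
    # Assumption taken from the thread: a running mcstransd hides a bare s0.
    if {ca.level, cb.level} == {None, "s0"}:
        return "display-only"
    if None in (ca.level, cb.level):
        return "check-raw"        # hidden on one side, not s0 on the other
    return "level-drift"

def drift_report(host_a: dict, host_b: dict) -> dict:
    """Verdict for every path whose labels are not an exact match."""
    report = {}
    for path in sorted(set(host_a) | set(host_b)):
        if path not in host_a or path not in host_b:
            report[path] = "missing-on-one-host"
            continue
        verdict = compare(host_a[path], host_b[path])
        if verdict != "match":
            report[path] = verdict
    return report

# Constructed sample data (path -> context as printed by ls -Z), not real output.
HOST_A = {"/etc/httpd/conf": "system_u:object_r:httpd_config_t",       # mcstransd running
          "/var/www/html": "system_u:object_r:httpd_sys_content_t",
          "/srv/data": "system_u:object_r:var_t"}
HOST_B = {"/etc/httpd/conf": "system_u:object_r:httpd_config_t:s0",    # mcstransd stopped
          "/var/www/html": "system_u:object_r:default_t:s0",
          "/srv/data": "system_u:object_r:var_t:s0:c0.c1023"}

if __name__ == "__main__":
    for path, verdict in drift_report(HOST_A, HOST_B).items():
        print(f"{verdict:12} {path}")
```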