consultantshas.blogg.se - Nxfilter selinux policy

It is possible to build custom monolithic policies that only use the files installed in this area (i.e. The majority of files are installed by the Reference Policy, semanage(8) or semodule(8) commands.

1.26 contexts/files/file_contexts.subs and file_contexts.subs_dist FileĮach file discussed in this section is relative to the policy name as follows:.

1.24 contexts/files/file_contexts.local File.

1.21 contexts/virtual_image_context File.

1.20 contexts/virtual_domain_context File.

I'm going to create more policies, users and rules and try to do more tests and find out. In both machines, the DNS queries history were intact, no lost. On the RPI4, I still experiences policies lost, but users profile seemed to be fine. But the problem keeps happening.Īnd then I stopped running nxfilter in the 3B+, and move the service to the RPI4 which is a separate hardware.

I attempted to re-install the packages again and clear the /nxfilter directories. And I also remember losing free-time settings as well. Since sometime in early March, I started experiencing lost in both the policies and users. I did regularly update the versions by dpkg -i the deb packages. All runs fine since the beginning of the year. At the beginning I was running the 3B+ as master and the RPI4 as slave. I have two raspberry Pi - one is 4 and another is 3B+. Nxfilter_truncated.zip contains the nxfilter.logĪuto-2022031601.zip was the autobackup at 01:00 that the policy was still there.Ĭonfig-20220316141013.zip contains the DB after the policy was lost I'm pretty sure that I didn't operate the UI to remove the policy. So the update at 14:01 that would probably wiped the "Test" policy. I've found an entry at 14:01 with LocalTalkie.notifyUpdate on the policy table.Īnd inspect all the DNS query, after 14:02 there're no more entries logged with the "Test" policy, which matches the fact that somehow the policy was lost at 14:01 I can see the DNS request log is running good and able to log with the "Test" policyĪt 14:12, I've found the policy is lost again. version is v4.6.0.3Īt 13:27 today I've found the policy I setup last night was lost againĪt 13:31 I perform a systemctl stop of the nxfilter service, then I do a DB restoration by unzipping auto-2022031601.zip which is a autobackup in the morning (01:00), copying config.h2.db into the /nxfilter/db folderĪt 13:33, I start the nxfilter service againĪt 13:35, I go into the web admin and inspect and found the "Test" policy reappear again.

I'm running in a RPI4 box, as a system service (not docker). I attached the log and the DBs for inspection. I think now I'm able to see what's going on (but still dunno why) - let me try to outline the events I've encounter today.