Configuring permissions in the SELinux system
January 20, 2022
ID 161238
To create a SELinux module with rules required for operation of Kaspersky Endpoint Security:
- Switch SELinux to permissive mode:
- If SELinux has been activated, execute the following command:
# setenforce Permissive
- If SELinux was disabled, in the configuration file /etc/selinux/config specify the SELINUX=permissive parameter value and restart the operating system.
- Run the following tasks:
- File Threat Protection task:
kesl-control --start-task 1
- Boot sector scan task:
kesl-control --start-task 4 -W
- Process memory scan task:
kesl-control --start-task 5 -W
It is recommended to run all tasks that you plan to run while using Kaspersky Endpoint Security.
- Create a rules module on the basis of blocking records:
grep kesl /var/log/audit/audit.log | audit2allow -M kesl
Ensure that the generated list contains only rules related to Kaspersky Endpoint Security.
- Load the new rules module:
# semodule -i kesl.pp
- Switch SELinux to enforcing mode:
# setenforce Enforcing
If new audit messages related to Kaspersky Endpoint Security appear, the rules module file needs to be updated.
For additional information, please refer to the documentation on the relevant operating system.
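One way to carry out the "only rules related to Kaspersky Endpoint Security" check before running audit2allow, as an added example that is not part of the Kaspersky documentation. Because `grep kesl` matches the string anywhere in a record, a denial belonging to another process that merely touched a path containing "kesl" would also be turned into an allow rule; the function below flags those. The sample records, type names and paths are constructed, and treating `comm` containing "kesl" as the application's own process is an assumption.

```shell
#!/bin/sh
# Added example. Summarize the AVC denials that `grep kesl` selects, one line per
# distinct rule: <count> <comm> <source_type> <target_type> <class> <perms> <flag>
# flag is "kesl" when the denied process name contains "kesl" (assumption),
# otherwise "REVIEW": the record matched only through a path or another field.
summarize_kesl_avc() {
    grep kesl | awk '
    /avc: +denied/ {
        comm = stype = ttype = tclass = ""
        perms = $0                                   # text between { and }
        sub(/^.*[{] */, "", perms); sub(/ *[}].*$/, "", perms)
        gsub(/ +/, ",", perms)
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^comm=/)     { comm = $i; sub(/^comm=/, "", comm); gsub(/"/, "", comm) }
            if ($i ~ /^scontext=/) { split($i, a, ":"); stype = a[3] }   # user:role:type:level
            if ($i ~ /^tcontext=/) { split($i, a, ":"); ttype = a[3] }
            if ($i ~ /^tclass=/)   { tclass = $i; sub(/^tclass=/, "", tclass) }
        }
        flag = (comm ~ /kesl/) ? "kesl" : "REVIEW"
        count[comm " " stype " " ttype " " tclass " " perms " " flag]++
    }
    END { for (k in count) print count[k], k }' | sort
}

# Constructed sample records (not real product output).
sample_audit_log() {
    cat <<'EOF'
type=AVC msg=audit(1642672800.101:501): avc:  denied  { read open } for  pid=2101 comm="kesl" path="/etc/shadow" dev="dm-0" ino=1311 scontext=system_u:system_r:unconfined_service_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1
type=AVC msg=audit(1642672801.202:502): avc:  denied  { read open } for  pid=2101 comm="kesl" path="/etc/shadow" dev="dm-0" ino=1311 scontext=system_u:system_r:unconfined_service_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1
type=AVC msg=audit(1642672802.303:503): avc:  denied  { read } for  pid=3300 comm="logrotate" path="/srv/example/kesl/trace.log" dev="dm-0" ino=2022 scontext=system_u:system_r:logrotate_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1
type=AVC msg=audit(1642672803.404:504): avc:  denied  { name_connect } for  pid=900 comm="httpd" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket permissive=1
type=SYSCALL msg=audit(1642672800.101:501): arch=c000003e syscall=257 success=yes exit=3 comm="kesl" exe="/opt/example/kesl"
EOF
}

# Stand-alone demo on the sample; on a host: summarize_kesl_avc < /var/log/audit/audit.log
sample_audit_log | summarize_kesl_avc
```

Lines flagged REVIEW should be excluded from the input to audit2allow, or investigated, before the module is built and loaded.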