Support

Support for business applications

Kaspersky Endpoint Security 11 for Linux

Installing the application

Configuring permissive rules in the SELinux system

Kaspersky Endpoint Security 11 for Linux
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Configuring permissive rules in the SELinux system

December 12, 2023

ID 237162

If SELinux couldn't s be configured automatically during the initial setup of the application, or if you declined automatic configuration, you can manually configure SELinux to work with Kaspersky Endpoint Security.

To configure SELinux to work with the application:

  1. Switch SELinux to permissive mode:
    • If SELinux has been activated, run the following command:

      # setenforce Permissive

    • If SELinux was disabled, set the SELINUX=permissive setting in the configuration file / etc / selinux / config and restart the operating system.
  2. Make sure the semanage utility is installed on the system. If the utility is not installed, install the policycoreutils-python or policycoreutils-python-utils package, depending on the package manager.
  3. If you use a custom SELinux policy rather than the default targeted policy, assign a label for the following Kaspersky Endpoint Security source executable files in accordance with the SELinux policy used:
    • /var/opt/kaspersky/kesl/11.4.0.<build number>_<installation timestamp>/opt/kaspersky/kesl/libexec/kesl
    • /var/opt/kaspersky/kesl/11.4.0.<build number>_<installation timestamp>/opt/kaspersky/kesl/bin/kesl-control
    • /var/opt/kaspersky/kesl/11.4.0.<build number>_<installation timestamp>/opt/kaspersky/kesl/libexec/kesl-gui
    • /var/opt/kaspersky/kesl/11.4.0.<build number>_<installation timestamp>/opt/kaspersky/kesl/shared/kesl
  4. Run the following tasks:
    • File Threat Protection task:

      kesl-control --start-task 1

    • Critical Areas Scan task:

      kesl-control --start-task 4 -W

    It is recommended to run all the tasks that you plan to run while using Kaspersky Endpoint Security.

  5. Start the graphical user interface if you plan to use it.
  6. Ensure that there are no errors in the audit.log file:

    grep kesl /var/log/audit/audit.log

  7. If there are errors in the audit.log file, create and download a new rule module based on the blocking records in order to fix the errors, and then relaunch all the tasks that you plan to run while using Kaspersky Endpoint Security.

    If new audit messages related to Kaspersky Endpoint Security appear, the file with the rule module file must be updated.

  8. Switch SELinux to blocking mode:

    # setenforce Enforcing

If you use a custom SELinux policy, manually assign a label to Kaspersky Endpoint Security source executable files after installing application updates (follow steps 1, 3–8).

For additional information, please refer to the documentation on the relevant operating system.

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.