Install policycoreutils Package
An XCCDF Rule
Description
The policycoreutils package can be installed with the following command:
$ sudo dnf install policycoreutils
Rationale
Security-enhanced Linux is a feature of the Linux kernel and a number of utilities
with enhanced security functionality designed to add mandatory access controls to Linux.
The Security-enhanced Linux kernel contains new architectural components originally
developed to improve security of the Flask operating system. These architectural components
provide general support for the enforcement of many kinds of mandatory access control
policies, including those based on the concepts of Type Enforcement, Role-based Access
Control, and Multi-level Security.
policycoreutils contains the policy core utilities that are required for
basic operation of an SELinux-enabled system. These utilities include load_policy
to load SELinux policies, setfiles to label filesystems, newrole to
switch roles, and so on.
- ID
- xccdf_org.ssgproject.content_rule_package_policycoreutils_installed
- Severity
- Low
- Updated
Remediation - Puppet
include install_policycoreutils
class install_policycoreutils {
package { 'policycoreutils':
ensure => 'installed',
}
Remediation - Anaconda Pre-Install Instructions
package --add=policycoreutils
Remediation - OS Build Blueprint
[[packages]]
name = "policycoreutils"
version = "*"
Remediation - Ansible
- name: Ensure policycoreutils is installed
package:
name: policycoreutils
state: present
when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
if ! rpm -q --quiet "policycoreutils" ; then
dnf install -y "policycoreutils"
fi