Skip to content

Install policycoreutils Package

An XCCDF Rule

Description

The policycoreutils package can be installed with the following command:

$ sudo yum install policycoreutils

Rationale

Security-enhanced Linux is a feature of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement, Role-based Access Control, and Multi-level Security. policycoreutils contains the policy core utilities that are required for basic operation of an SELinux-enabled system. These utilities include load_policy to load SELinux policies, setfiles to label filesystems, newrole to switch roles, and so on.

ID
xccdf_org.ssgproject.content_rule_package_policycoreutils_installed
Severity
Low
References
Updated



Remediation - Ansible

- name: Ensure policycoreutils is installed
  package:
    name: policycoreutils
    state: present
  when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
  tags:

Remediation - Puppet

include install_policycoreutils

class install_policycoreutils {
  package { 'policycoreutils':
    ensure => 'installed',
  }

Remediation - Shell Script

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then

if ! rpm -q --quiet "policycoreutils" ; then
    yum install -y "policycoreutils"
fi

Remediation - Anaconda Pre-Install Instructions


package --add=policycoreutils

Remediation - OS Build Blueprint


[[packages]]
name = "policycoreutils"
version = "*"