AO SELinux

project: current stablemanagement: productionpackaging: active
java: >= 8semantic versioning: 2.0.0license: LGPL v3

Java API for managing Security-Enhanced Linux (SELinux).

Features

  • Clean programmatic access to semanage.
  • Implementation of semanage port commands:
    • Easily reconfigure all ports for a given SELinux type.
    • Automatically coalesces adjacent port ranges.
    • Presents a single cohesive view of all ports, hiding the nuance and complexity of the interactions between default policy and local policy.
    • Supports seamlessly overriding default policy.
    • Detects conflicts in local policy between different SELinux types.
  • Small footprint, minimal dependencies - not part of a big monolithic package.

Motivation

While migrating our servers to CentOS 7 we are running with SELinux in enforcing mode. Our server configuration process, AOServ Daemon, is written in the Java programming language. We desire a clean interface to SELinux without having to operate with semanage and other commands directly.