Configuring permissions in the SELinux system

To create an SELinux module with rules required for operation of Kaspersky Endpoint Security:

  1. Switch SELinux to permissive mode:
    • If SELinux has been activated, execute the following command:

      # setenforce Permissive

    • If SELinux was disabled, in the configuration file /etc/selinux/config specify the SELINUX=permissive parameter value and restart the operating system.
  2. Run the following tasks:
    • real-time protection task:

      kesl-control --start-t 1

    • process memory scan task:

      kesl-control --start-t 4 -W

    • boot sector scan task:

      kesl-control --start-t 5 -W

  3. Create a rules module on the basis of blocking records:

    grep kesl /var/log/audit/audit.log | audit2allow -M kesl

    Ensure that the generated list contains only rules related to Kaspersky Endpoint Security.

  4. Load the new rules module:

    # semodule -i kesl.pp

  5. Switch SELinux to enforcing mode:

    # setenforce Enforcing

If new audit messages related to Kaspersky Endpoint Security appear, the rules module file needs to be updated.

For additional information, please refer to the documentation on the relevant operating system.

Page top