Infrastructure/RFR/SELinux

= Project Sponsor = Name: Daniel Walsh

Wiki Name: SELinux Troubleshoot

Fedora Account Name: Dan,Walsh

Group: Red Hat Engineering

Infrastructure Sponsor: Paulo Santos

Secondary Contact info
Name:

Wiki Name:

Fedora Account Name:

Group:

Project Info
Project Name: SELinux Troubleshoot Tool

Target Audience: Fedora System Administrators

Expiration Date (required): No Experation.

Description/Summary:

Setup a Xen Instance running a web server to help Fedora Users diagnose SELinux AVC messages

Project plan (Detailed):

I would like to setup a Xen instance running an apache web server, that is totally locked down by SELinux. This web server would allow users to upload SELinux audit logs. The logs would be run through the SELinux Troubleshoot Database and suggested fixes would be displayed to the user. Since this machine would be taking random data from the internet, I do not believe this machine should be running any other services and will be locked down with the tightest possible SELinux policy.

Goals:

Specific resources needed
FC6 or later xen instance. Memory: Minimum required to run FC6/FC7 Disk space: Minimum required to run FC6/FC7 + 100 MB. NICs: 1 Visible from internet: yes Other: No other requirements, this should be a very minimal machine. It should have logging done remotely though, in case it gets hacked.

Additional Info (Optional)
https://www.redhat.com/archives/fedora-selinux-list/2007-June/msg00156.html