Skip to content

redpesk-core/sec-lsm-manager

Repository files navigation

SEC-LSM-MANAGER

Project Version SMACK build SELinux build Test coverage

Logo

Overview

sec-lsm-manager allows to easily create SMACK or SELinux security policies for applications. It is used in the redpesk project to guarantee the partitioning of applications within a Linux embedded system.

History

The sec-lsm-manager project is a redesign of the security-manager project presented in Tizen and Automotive Grade Linux systems. The code is lighter, more easily auditable and allows to use SELinux.

Usage

The project produces binaries :

  • sec-lsm-managerd (lauch smack or selinux daemon)
  • sec-lsm-manager-smackd (lauch smack daemon)
  • sec-lsm-manager-selinuxd (lauch selinux daemon)
  • sec-lsm-manager-cmd (Allows the client to communicate with the daemon in command line)

And a shared library :

  • libsec-lsm-manager.so

It is possible to access this library through the sec-lsm-manager.h file and the associated pkgconfig.

For more information about usage : Usage.md

How to compile?

To compile the project we use make and cmake.

The project has some dependencies:

  • libcap (capabilities management)

  • libsystemd (systemd socket activation)

  • libsmack (SMACK mode)

  • libselinux (SELinux mode)

  • libsemanage (SELinux mode)

  • sec-cynagora (permission database service)

By default the project is compiled with all these dependencies but only libcap is mandatory.

Here is an example to compile the project for SMACK and SELinux :

git clone https://github.com/redpesk-core/sec-lsm-manager
cd sec-lsm-manager
mkdir build
cd build
cmake -DWITH_SELINUX=ON -DWITH_SMACK=ON ..
make

For more information about compilation : Compilation.md

Architecture

Architecture

For more information about architecture : Architecture.md

About

Replacement for security-manager

Resources

License

Unknown, GPL-3.0 licenses found

Licenses found

Unknown
LICENSE.txt
GPL-3.0
LICENSE.GPLv3

Stars

Watchers

Forks

Packages

No packages published