Code: Select all
$ sandbox
/usr/bin/sandbox: Sandbox Policy is not currently installed.
You need to install the selinux-policy-sandbox package in order to run this command
What does it mean?sickpig wrote:Open the moathack3rcon wrote:When I want to use sandbox
I do not suppose that policy is for the sandbox package you have installed.hack3rcon wrote:I installed "policycoreutils-sandbox" package too, but problem exist.
How can I solve it?
You mean is that I must write it myself?sickpig wrote:I do not suppose that policy is for the sandbox package you have installed.hack3rcon wrote:I installed "policycoreutils-sandbox" package too, but problem exist.
How can I solve it?
You can inspect the current policies here /sys/fs/selinux/policy.
I reckon you need to create a custom policy for your sandbox application if the policy for it is not included in the standard defined selinux policies.
I would look here https://access.redhat.com/documentation ... ng-selinux to create a custom policy.
Code: Select all
$ sudo apt-get install policycoreutils-sandbox
Reading package lists... Done
Building dependency tree
Reading state information... Done
policycoreutils-sandbox is already the newest version (2.8-3).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
$ sandbox
/usr/bin/sandbox: Sandbox Policy is not currently installed.
You need to install the selinux-policy-sandbox package in order to run this command
$
I guess you really should start reading at least the information about packages you install.hack3rcon wrote:I guess this feature don't exist on Debian.
Code: Select all
# apt show policycoreutils-sandbox
Package: policycoreutils-sandbox
Version: 2.8-3
Priority: optional
Section: utils
Source: selinux-python
Maintainer: Debian SELinux maintainers <selinux-devel@lists.alioth.debian.org>
Installed-Size: 71.7 kB
Depends: dbus (>= 1.8), gir1.2-gtk-3.0, libcap2-bin, policycoreutils, python3, python3-gi, x11-xserver-utils, xserver-xephyr, libc6 (>= 2.27), libcap-ng0 (>= 0.7.9), libselinux1 (>= 2.8)
Recommends: openbox | x-window-manager
Homepage: http://userspace.selinuxproject.org/
Download-Size: 33.3 kB
APT-Sources: http://deb.debian.org/debian buster/main amd64 Packages
Description: SELinux core policy utilities (graphical sandboxes)
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access Control,
and Multi-level Security.
.
This package contains the scripts to create graphical sandboxes.
.
This package requires an additional custom policy that is not present in
Debian.
Abraham Lincoln didn't realized that overheated capitalism leads to destruction of *all* the aspects of a free trade - today 1% of people owns 99% of the world - the rest of humanity has nothing besides the debts (and a huge number of humans have a problem with finding something to eat)pcalvert wrote:“Property is the fruit of labor; property is desirable; it is a positive good
in the world. That some should be rich shows that others may become
rich, and hence is just encouragement to industry and enterprise.”
— Abraham Lincoln
