I want to restrict the root to access a folder/directory which is created by another user.So that only that user can access that folder not even root. Is there any selinux configuration to do so this as I am not so known to selinux.
Asked
Active
Viewed 1,895 times
1 Answers
2
Other than creating and applying a policy, it appears the key to it is preventing the use of setenforce by the root user:
setsebool secure_mode_policyload on
I could find a nice how-to you might want to read:
http://blog.siphos.be/2015/07/restricting-even-root-access-to-a-folder
simlev
- 1,105
- 3
- 14
- 22