Install libselinux Package
Description
The libselinux package can be installed with the following command:
$ sudo yum install libselinux
Rationale
Security-enhanced Linux is a feature of the Linux kernel and a number of utilities
with enhanced security functionality designed to add mandatory access controls to Linux.
The libselinux package contains the core library of the Security-enhanced Linux system.
Shell script
The following script can be run on the host to remediate the issue.
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
if ! rpm -q --quiet "libselinux" ; then
yum install -y "libselinux"
fi
else
>&2 echo 'Remediation is not applicable, nothing was done'
fi
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: Ensure libselinux is installed
package:
name: libselinux
state: present
when: ansible\_virtualization\_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-82876-4
- enable\_strategy
- high\_severity
- low\_complexity
- low\_disruption
- no\_reboot\_needed
- package\_libselinux\_installed
