SELinux Targeted Policy for the Citadel Groupware Server

SELinux targeted policy module which extends kernel mandatory access control policies to the Citadel Groupware Server (both Citadel and the Webcit webserver). The module has been compiled and tested on Red Hat Enterprise Linux 5 and CentOS 5.

• SourceForge Project Page
• Download (via SourceForge)
• Citadel
• SELinux

Provides an additional layer of protection around the standalone git-daemon process.

The following packages must be installed for policy compilation:

• selinux-policy-targeted
• selinux-policy-devel

To install the prerequisite packages, use RPM or YUM.

Example: sudo yum install selinux-policy-devel

1. Unpack the archive (likely already completed if you are reading this)
2. Change to the “citadel” directory in the archive contents.
3. Adjust the file paths in the citserver.fc file to match the unique requirements of your distribution or system.
4. Run “make”.
5. Install the resulting citserver.pp SELinux module.Example: sudo /usr/sbin/semodule -i citserver.pp
6. Change to the “webcit” directory in the archive contents.
7. Adjust the file paths in the webcit.fc file to match the unique requirements of your distribution or system.
8. Run “make”.
9. Install the resulting citserver.pp SELinux module. Example: sudo /usr/sbin/semodule -i webcit.pp