Poster of Linux kernelThe best gift for a Linux geek
mcs

mcs

Section: mcs documentation (8) Updated: 8 Sep 2005
Local index Up

 

NAME

mcs - Multi-Category System

 

DESCRIPTION

MCS (Multiple Category System) allows users to label files on their system within administrator defined categories. It then uses SELinux Mandatory Access Control to protect those files. MCS is a discretionary model to allow users to mark their data with additional tags that further restrict access. The only mandatory aspect is authorizing users for categories by defining their clearance in policy. However, MCS is similar to MLS and exercises the same code paths and share the same support infrastructure. They just differ in their specific configuration.

The /etc/selinux/{SELINUXTYPE}/setrans.conf configuration file translates the labels on disk to human readable form. Administrators can define any labels they want in this file. Certain applications like printing and auditing will use these labels to identify the files. By setting a category on a file you will prevent other applications/services from having access to the files.

Examples of file lables would be PatientRecord, CompanyConfidential etc.

 

SEE ALSO

selinux(8), chcon(1)

 

FILES

/etc/selinux/{SELINUXTYPE}/setrans.conf


 

Index

NAME
DESCRIPTION
SEE ALSO
FILES

This document was created by man2html, using the manual pages.
Time: 22:01:58 GMT, April 16, 2011