Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why does SETroubleShoot use RPC?

RPC setroubleshoot
0
Posted

Why does SETroubleShoot use RPC?

0 CommentsAdd a Comment

1 Answer

0

SETroubleshoot is composed of two fundamental parts. A system daemon (setroubleshootd) running with root privlegesm, often referred to as the server and 1 or more clients which connect to the setroubleshootd server to receive notifications of new AVC denials and query the history of AVC denials on a particular node. The daemon (server) needs to exist for two fundamental reasons: It needs to run with root priveldges to interact with the audit system, perform system operations, and then to isolate the information it manages from user level processes. In addition by acting as a server on a particular node it is possible to build a distributed system whereby remote clients can connect to multiple nodes to listen for alerts or query their alert history. Initially only the client is sealert. sealert can operate either as a desktop GUI component or a command line tool. One can think of the server (setroubleshootd) as the process which manages data and the client (sealert) as the process which

0 CommentsAdd a Comment
What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.