Troubleshooting
As stated earlier, policies written without a target user or resource end up being valid for the entire system, increasing the risk of a total system lock.
The service secpack-maestro will always be running and updating the rules as they are registered in senhasegura. But if there is a need for manual intervention on the device, perform the following procedure:
Using the root user, stop the secpack-maestro service:
service secpack-maestro stop
Run the caitsith-loadpolicy binary to remove the desired policies. We will remove the previously created policy as an example:
echo 'delete 100 acl write path = "/etc/oracle/tnsnames.ora"' | /usr/sbin/caitsith-loadpolicy
Validate that the policy has been removed by re-checking the applied file:
cat /sys/kernel/security/caitsith/policy
Make changes to senhasegura so that the rule is not applied again.
Restart the secpack-maestro service:
service secpack-maestro start
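The stop, delete and validate steps above can be wrapped so that the validation is an exit code rather than a visual check of the policy file. This is an added example, not senhasegura code: the function names and the POLICY_FILE override are hypothetical, and it assumes the loaded ACL line matches the text passed to delete apart from whitespace. It leaves secpack-maestro stopped, because the rule must first be changed in senhasegura before the service is started again.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of senhasegura.
# POLICY_FILE can be overridden to test against a saved copy of the policy.
POLICY_FILE="${POLICY_FILE:-/sys/kernel/security/caitsith/policy}"

# Collapse whitespace runs and drop spaces around "=" so that
# 'path = "/x"' and 'path="/x"' compare equal; trim each line.
normalize() {
    sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/ *= */=/g' \
        -e 's/^ //' -e 's/ $//'
}

# policy_present ACL [FILE]
# Exit 0 if the ACL line is still loaded, 1 if it is gone.
policy_present() {
    want=$(printf '%s\n' "$1" | normalize)
    normalize < "${2:-$POLICY_FILE}" | grep -Fxq -- "$want"
}

# remove_acl ACL
# Stops the service, deletes the ACL and validates the result.
# Returns 0 when removed, 1 when still loaded, 2 on a failed step.
remove_acl() {
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 2; }
    service secpack-maestro stop || return 2
    printf 'delete %s\n' "$1" | /usr/sbin/caitsith-loadpolicy || return 2
    if policy_present "$1"; then
        echo "still loaded: $1" >&2
        return 1
    fi
    echo "removed: $1"
    # Starting the service now would re-apply the rule from senhasegura.
    echo "secpack-maestro left stopped: change the rule in senhasegura," \
         "then run 'service secpack-maestro start'" >&2
}

# Usage, as root:
#   remove_acl '100 acl write path = "/etc/oracle/tnsnames.ora"'
```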