A userspace Process Classifier based on SELinux Security Context (PCSS)
Thanks to SourceForge.Net for hosting the project.
The idea behind using a process classifier is to reduce the burden on the system administrator of reconfiguring process membership in systems such as CKRM, CPUSETs and ELSA every time the system or any process restarts.
To classify these processes we can use PCSS, which classifies processes according to their SELinux security context.
We propose PCSS (Process Classifier based on SELinux Security-Context), a user-space process classifier that groups all processes based on their SELinux security context. Whenever the security context of a process changes, some information must be sent to user space. In this project, we use connectors to report changes in a process's security context to user space. When a process is created or its security context is changed, connectors send packets (containing the security context) from kernel space to user space using netlink sockets. PCSS uses the security context associated with the process to decide the group of the process.
So, once a process has been classified based on its SELinux security context, all policies written in the SELinux policy database for that security context apply to the group of processes. The rationale for using the SELinux security context as the basis of classification is the persistent nature of the context associated with a process, and the flexibility in associating a security context with a process by considering not only the context of the executable but also the user's security context. This makes the system robust, as little administrator intervention is expected across reboots.
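The grouping step described above, sketched as an added example that is not taken from the PCSS sources: it maps a security context string to a group through a rule table. The rule format, the group names and the sample contexts are assumptions, and constructed strings stand in for the connector/netlink messages.

```c
#include <fnmatch.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical rule: glob patterns over context fields -> group name. */
struct rule { const char *user, *role, *type, *group; };
/* Constructed rule table, evaluated top to bottom; first match wins. */
static const struct rule rules[] = {
    { "*",       "*",        "httpd_t",  "web"   },
    { "*",       "*",        "mysqld_t", "db"    },
    { "staff_u", "sysadm_r", "*",        "admin" },
    { "user_u",  "*",        "*",        "users" },
};

/* Copy the next ':'-terminated field; only the last wanted field may end the string. */
static int next_field(const char **p, char *out, size_t n, int last)
{
    size_t len = strcspn(*p, ":");
    if (len == 0 || len >= n) return -1;      /* empty or oversized field */
    memcpy(out, *p, len);
    out[len] = '\0'; *p += len;
    if (**p == ':') (*p)++;
    else if (!last) return -1;                /* context ended too early */
    return 0;
}

/* Map "user:role:type[:level]" to a group. The level is ignored and may
 * itself contain ':' (e.g. s0-s0:c0.c1023), so only three fields are split. */
const char *classify(const char *ctx)
{
    char u[64], r[64], t[64];
    const char *p = ctx;
    if (!ctx || next_field(&p, u, sizeof u, 0) || next_field(&p, r, sizeof r, 0)
             || next_field(&p, t, sizeof t, 1))
        return "unclassified";                /* malformed: never guess a group */
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++)
        if (!fnmatch(rules[i].user, u, 0) && !fnmatch(rules[i].role, r, 0)
                                          && !fnmatch(rules[i].type, t, 0))
            return rules[i].group;
    return "default";
}

int main(void)
{
    /* Constructed contexts standing in for connector messages. */
    const char *ev[] = { "system_u:system_r:httpd_t:s0",
                         "staff_u:sysadm_r:sysadm_t:s0-s0:c0.c1023", "user_u:user_r" };
    for (int i = 0; i < 3; i++)
        printf("pid %d  %-42s -> %s\n", 1000 + i, ev[i], classify(ev[i]));
    return 0;
}
```

A context that does not parse goes to a separate "unclassified" group instead of the default one, so a truncated or malformed message cannot silently inherit another group's policy.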
For comments about the project, please send email to