DOCSLIB.ORG

Open Submitted.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Open Submitted.Pdf The Pennsylvania State University The Graduate School PROTECTING PROGRAMS DURING RESOURCE ACCESS A Dissertation in Computer Science and Engineering by Hayawardh Vijayakumar c 2014 Hayawardh Vijayakumar Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy May 2014 The dissertation of Hayawardh Vijayakumar was reviewed and approved∗ by the following: Trent R. Jaeger Professor of Computer Science and Engineering Dissertation Advisor, Co-Chair of Committee Patrick D. McDaniel Professor of Computer Science and Engineering Co-Chair of Committee Bhuvan Urgaonkar Associate Professor of Computer Science and Engineering Constantino Lagoa Professor of Electrical Engineering Raj Acharya Professor of Computer Science and Engineering Head of the Department, Computer Science and Engineering ∗Signatures are on file in the Graduate School. Abstract With the emergence of targeted malware such as Stuxnet and the continued prevalence of spyware and other types of malicious software, host security has become a critical issue. Attackers break into systems through vulnerabilities in network daemons, malicious insiders, or social engineering, and then attempt to escalate privileges to the administrator to gain complete control of the system by exploiting local vulnerabilities. Thus far, such local vulnerabilities have received little attention, and it has been taken for granted that any attacker break-in can easily be escalated to full control. In this dissertation, we identify a class of previously disjoint local vulnerability attack classes that we call resource access attacks, and provide a framework to detect and defend against them. Programs have to fetch resources, such as files from the operating system (OS) to function. However, local adversaries such as spyware also share this namespace of resources, and can trick programs into retrieving an unintended resource using a variety of resource access attacks that make up 10-15% of vulnerabilities reported each year. Such attacks are challenging to defend for a few reasons. First, program checks to defend against such attacks cause a performance overhead, so programmers have an incentive to omit checks altogether. Second, there is a disconnect between the parties involved in resource access. On the one hand, due to this overhead, programmers omit checks under the expectation that the deployment’s access control policy will protect a subset of resources from adversaries. On the other hand, access control policies are framed by OS distributors and system administrators, who in turn have little idea about programmer expectations, causing mismatches with programmer expectations. Third, even when programmers check resource access, such checks are difficult to get right due to inherent races in the system call API. Previous work handles a subset of resource access attacks but in ad-hoc ways. This dissertation takes several steps to address resource access attacks. First, we present a technique for automated evaluation of a program attack surface in its system deployment, where checks for resource access are required. Second, we present a technique that uses this attack surface to detect a subset of resource access attacks. We found more than 25 previously-unknown vulnerabilities across a variety of both mature and new programs in the widely-used Fedora and Ubuntu Linux distributions, proving the prevalence of such vulnerabilities. Third, we present the Process Firewall, a system to defend against resource access attacks in an efficient manner without requiring program code change. Fourth, we propose a technique to automatically derive the programmer-expected attack surface of a program, and generate Process Firewall rules to enforce that the only adversary-controlled resource accesses in the deployment are part of the iii expected attack surface. The work in this dissertation thus provides a principled starting point to protect programs during resource access, thus reducing the vectors adversaries have to compromise a computer system. iv Contents List of Figures ix List of Tables xi Acknowledgments xiii Chapter 1 Introduction 1 1.1 The Challenge of Defending Resource Access Attacks ................. 2 1.2 Towards a Defense to Resource Access Attacks .................... 3 1.3 Challenges in Defense .................................. 4 1.4 Thesis Statement ..................................... 5 Chapter 2 Background 8 2.1 System Calls and Accessing Resources ......................... 8 2.2 Access Control on Resources ............................... 10 2.2.1 UNIX Discretionary Access Control ...................... 10 2.2.2 Mandatory Access Control ............................ 10 2.2.3 Obtaining Privilege ................................ 10 2.3 Resource Access Attacks ................................. 11 2.3.1 Untrusted Search Path .............................. 12 2.3.2 File/IPC Squat .................................. 13 2.3.3 Directory Traversal and PHP File Inclusion . 14 2.3.4 Link Following and TOCTTOU races ..................... 14 2.3.5 Signal Races ................................... 15 Chapter 3 Related Work 17 3.1 System Defenses ..................................... 17 3.2 Program Defenses .................................... 18 3.3 Detection of Program Vulnerabilities .......................... 19 v Chapter 4 Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies 20 4.1 Introduction ........................................ 20 4.2 Problem Definition .................................... 22 4.3 Design ........................................... 24 4.3.1 Building Integrity Walls ............................. 24 4.3.2 Identifying Attack Surfaces ........................... 26 4.4 Implementation ...................................... 28 4.4.1 Integrity Wall Construction ........................... 28 4.4.2 Identifying Attack Surfaces ........................... 29 4.4.3 Finding Attack Surfaces in Interpreted Code . 31 4.4.4 Enforcing Attack Surfaces ............................ 32 4.5 Evaluation ......................................... 32 4.5.1 Policy Analysis .................................. 33 4.5.2 Runtime Analysis ................................. 34 4.5.2.1 System TCB .............................. 34 4.5.2.2 Apache Webserver ........................... 35 4.5.2.3 Secure Shell Daemon ......................... 35 4.5.2.4 Icecat .................................. 38 4.6 Related Work ....................................... 38 4.7 Conclusion ........................................ 39 Chapter 5 STING: Finding Name Resolution Vulnerabilities in Programs 40 5.1 Introduction ........................................ 40 5.2 Problem Definition .................................... 43 5.2.1 Name Resolution Attacks ............................ 43 5.2.2 Detecting Name Resolution Attacks ...................... 45 5.2.2.0.1 Static Analysis ........................ 45 5.2.2.0.2 Dynamic Analysis ...................... 45 5.2.2.0.3 Symbolic Execution ..................... 46 5.2.3 Our Solution ................................... 46 5.3 Testing Model ....................................... 47 5.4 Design ........................................... 48 5.4.1 Attack Phase ................................... 49 5.4.2 Detect Phase ................................... 52 5.5 Implementation ...................................... 54 5.6 Evaluation ......................................... 55 5.6.1 Security Evaluation ............................... 55 5.6.1.1 Finding Vulnerabilities ........................ 56 5.6.1.2 Examples ................................ 58 vi 5.6.1.3 False Positives ............................. 60 5.6.2 Performance Evaluation ............................. 60 5.7 Related Work ....................................... 62 5.8 Discussion ......................................... 63 5.9 Conclusion ........................................ 64 Chapter 6 Process Firewalls: Protecting Processes During Resource Access 65 6.1 Introduction ........................................ 65 6.2 Problem Definition .................................... 68 6.2.1 Challenges in Preventing Resource Access Attacks . 69 6.2.2 Limitations of Prior Defenses .......................... 70 6.3 Solution Overview .................................... 72 6.4 Design ........................................... 73 6.4.1 Defining Attack-Specific Invariants ....................... 74 6.4.2 Checking Invariants ............................... 75 6.4.3 Finding Applicable Invariants .......................... 75 6.4.4 Retrieving Entrypoint Context ......................... 76 6.5 Implementation ...................................... 77 6.5.1 Process Firewall Rule Processing Loop ..................... 77 6.5.2 Process Firewall Rule Language ......................... 79 6.6 Evaluation ......................................... 80 6.6.1 Security Evaluation ............................... 80 6.6.1.1 Common Vulnerabilities ........................ 80 6.6.1.2 New Vulnerabilities Found ...................... 82 6.6.2 Process Firewall Performance .......................... 83 6.6.3 Rule Generation ................................. 84 6.6.3.1 Rule Generation Techniques ..................... 85 6.6.3.2 Rule Generation by OS Distributors . 87 6.7 Related Work ....................................... 88 6.8 Conclusion ........................................ 89 Chapter 7 Protecting Resource Access by Inferring Programmer Expectations 90 7.1 Introduction ........................................ 90 7.2
Load more

Recommended publications
  • The GNOME Census: Who Writes GNOME?
    The GNOME Census: Who writes GNOME? Dave Neary & Vanessa David, Neary Consulting © Neary Consulting 2010: Some rights reserved Table of Contents Introduction.........................................................................................3 What is GNOME?.............................................................................3 Project governance...........................................................................3 Why survey GNOME?.......................................................................4 Scope and methodology...................................................................5 Tools and Observations on Data Quality..........................................7 Results and analysis...........................................................................10 GNOME Project size.......................................................................10 The Long Tail..................................................................................11 Effects of commercialisation..........................................................14 Who does the work?.......................................................................15 Who maintains GNOME?................................................................17 Conclusions........................................................................................22 References.........................................................................................24 Appendix 1: Modules included in survey...........................................25 2 Introduction What
    [Show full text]
  • 1. D-Bus a D-Bus FAQ Szerint D-Bus Egy Interprocessz-Kommunikációs Protokoll, És Annak Referenciamegvalósítása
    Az Udev / D-Bus rendszer - a modern asztali Linuxok alapja A D-Bus rendszer minden modern Linux disztribúcióban jelen van, sőt mára már a Linux, és más UNIX jellegű, sőt nem UNIX rendszerek (különösen a desktopon futó változatok) egyik legalapvetőbb technológiája, és az ismerete a rendszergazdák számára lehetővé tesz néhány rendkívül hasznos trükköt, az alkalmazásfejlesztőknek pedig egyszerűen KÖTELEZŐ ismerniük. Miért ilyen fontos a D-Bus? Mit csinál? D-Bus alapú technológiát teszik lehetővé többek között azt, hogy közönséges felhasználóként a kedvenc asztali környezetünkbe bejelentkezve olyan feladatokat hajtsunk végre, amiket a kernel csak a root felasználónak engedne meg. Felmountolunk egy USB meghajtót? NetworkManagerrel konfiguráljuk a WiFi-t, a 3G internetet vagy bármilyen más hálózati csatolót, és kapcsolódunk egy hálózathoz? Figyelmeztetést kapunk a rendszertől, hogy új szoftverfrissítések érkeztek, majd telepítjük ezeket? Hibernáljuk, felfüggesztjük a gépet? A legtöbb esetben ma már D-Bus alapú technológiát használunk ilyen esetben. A D-Bus lehetővé teszi, hogy egymástól függetlenül, jellemzően más UID alatt indított szoftverösszetevők szabványos és biztonságos módon igénybe vegyék egymás szolgáltatásait. Ha valaha lesz a Linuxhoz professzionális desktop tűzfal vagy vírusirtó megoldás, a dolgok jelenlegi állasa szerint annak is D- Bus technológiát kell használnia. A D-Bus technológia legfontosabb ihletője a KDE DCOP rendszere volt, és mára a D-Bus leváltotta a DCOP-ot, csakúgy, mint a Gnome Bonobo technológiáját. 1. D-Bus A D-Bus FAQ szerint D-Bus egy interprocessz-kommunikációs protokoll, és annak referenciamegvalósítása. Ezen referenciamegvalósítás egyik összetevője, a libdbus könyvtár a D- Bus szabványnak megfelelő kommunikáció megvalósítását segíti. Egy másik összetevő, a dbus- daemon a D-Bus üzenetek routolásáért, szórásáért felelős.
    [Show full text]
  • Dell™ Gigaos 6.5 Release Notes July 2015
    Dell™ GigaOS 6.5 Release Notes July 2015 These release notes provide information about the Dell™ GigaOS release. • About Dell GigaOS 6.5 • System requirements • Product licensing • Third-party contributions • About Dell About Dell GigaOS 6.5 For complete product documentation, visit http://software.dell.com/support/. System requirements Not applicable. Product licensing Not applicable. Third-party contributions Source code is available for this component on http://opensource.dell.com/releases/Dell_Software. Dell will ship the source code to this component for a modest fee in response to a request emailed to [email protected]. This product contains the following third-party components. For third-party license information, go to http://software.dell.com/legal/license-agreements.aspx. Source code for components marked with an asterisk (*) is available at http://opensource.dell.com. Dell GigaOS 6.5 1 Release Notes Table 1. List of third-party contributions Component License or acknowledgment abyssinica-fonts 1.0 SIL Open Font License 1.1 ©2003-2013 SIL International, all rights reserved acl 2.2.49 GPL (GNU General Public License) 2.0 acpid 1.0.10 GPL (GNU General Public License) 2.0 alsa-lib 1.0.22 GNU Lesser General Public License 2.1 alsa-plugins 1.0.21 GNU Lesser General Public License 2.1 alsa-utils 1.0.22 GNU Lesser General Public License 2.1 at 3.1.10 GPL (GNU General Public License) 2.0 atk 1.30.0 LGPL (GNU Lesser General Public License) 2.1 attr 2.4.44 GPL (GNU General Public License) 2.0 audit 2.2 GPL (GNU General Public License) 2.0 authconfig 6.1.12 GPL (GNU General Public License) 2.0 avahi 0.6.25 GNU Lesser General Public License 2.1 b43-fwcutter 012 GNU General Public License 2.0 basesystem 10.0 GPL (GNU General Public License) 3 bash 4.1.2-15 GPL (GNU General Public License) 3 bc 1.06.95 GPL (GNU General Public License) 2.0 bind 9.8.2 ISC 1995-2011.
    [Show full text]
  • The Fedora Project
    Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora The Fedora Project A. Mani Member, Calcutta Mathematical Society Fedora QA-Ambassador-Documentation Indian GNU/Linux Users Group, Kolkata Chapter (ILUG-CALInfo) E-Mail: a:mani@member:ams:org Homepage: http://www.logicamani.co.cc SOFTWARE FREEDOM DAY, KOLKATA 15th Sept'2009 Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora ABSTRACT An overview of the Fedora project is presented. Apart from giving a feel of the structure and working of the Fedora community, we also mention some important technical features of the Fedora Linux operating system. Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora Outline 1 Introduction 2 Fedora Features 3 Security 4 Important Packages 5 Spins and Remixes 6 Contributing to Fedora Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora What is Fedora? • 100% Free, Legal, Redistributable OS • Has over 25,000 Contributors • Includes the Latest Upstream Developments • Is a Stable, Secure, Powerful and User-Friendly OS • Is Upstream for RHEL, OLPC and Others • Has Over 10,000 Packages Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora FOSS Fedora guarantees the Four Freedoms: • The freedom to run the program, for any purpose • The freedom to study how the program works, and adapt it to your needs • The freedom to redistribute copies so you can help others • The freedom to improve the program, and release your improvements to the public, so that the whole community benefits Introduction Fedora Features Security Important Packages Spins and Remixes Contributing to Fedora Who uses Fedora? • Roadrunner, the number one Supercomputer in the world • Over a hundred derivative distributions • RHEL and OLPC • Even some Robots do • Many universities and institutes in West Bengal • A.
    [Show full text]
  • GL250 Enterprise Linux Systems Administration
    EVALUATION COPY Unauthorized Reproduction or Enterprise Distribution Linux Systems AdministrationProhibited Student Workbook EVALUATION COPY Unauthorized Reproduction GL250 ENTERPRISE LINUX SYSTEMS ADMINISTRATION RHEL7 SLES12 or Distribution The contents of this course and all its modules and related materials, including handouts to audience members, are copyright ©2017 Guru Labs L.C. No part of this publication may be stored in a retrieval system, transmitted or reproduced in any way, including, but not limited to, photocopy, photograph, magnetic, electronic or other record, without the prior written permission of Guru Labs. This curriculum contains proprietary information which is for the exclusive use of customers of Guru Labs L.C., and is not to be shared with personnel other than those in attendance at this course. This instructional program, including all material provided herein, is supplied without any guarantees from Guru Labs L.C. Guru Labs L.C. assumes no liability for damages or legal action arising from Prohibited the use or misuse of contents or details contained herein. Photocopying any part of this manual without prior written consent of Guru Labs L.C. is a violation of federal law. This manual should not appear to be a photocopy. If you believe that Guru Labs training materials are being photocopied without permission, please email [email protected] or call 1-801-298-5227. Guru Labs L.C. accepts no liability for any claims, demands, losses, damages, costs or expenses suffered or incurred howsoever arising from or in connection
    [Show full text]
  • Technical Notes All Changes in Fedora 13
    Fedora 13 Technical Notes All changes in Fedora 13 Edited by The Fedora Docs Team Copyright © 2010 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. For guidelines on the permitted uses of the Fedora trademarks, refer to https:// fedoraproject.org/wiki/Legal:Trademark_guidelines. Linux® is the registered trademark of Linus Torvalds in the United States and other countries. Java® is a registered trademark of Oracle and/or its affiliates. XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. All other trademarks are the property of their respective owners. Abstract This document lists all changed packages between Fedora 12 and Fedora 13.
    [Show full text]
  • List of Applications Updated in ARL #2581
    List of Applications Updated in ARL #2581 Application Name Publisher .NET Core Runtime 3.0 Preview Microsoft .NET Core Toolset 3.1 Preview Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.6 Microsoft .NET Framework Developer Pack 4.7 Microsoft .NET Framework Multi-Targeting Pack for Windows Store Apps 4.5 RC Microsoft .NET Framework SDK 4.8 Microsoft _connect.BRAIN 4.8 Bizerba 2200 TapeStation Software 3.1 Agilent Technologies 2200 TapeStation Software 3.2 Agilent Technologies 24x7 Automation Suite 3.6 SoftTree Technologies 3500 Rack Configuration Software 6.0 Bently Nevada 365 16.0 Microsoft 3D Sprint 2.10 3D Systems 3D Sprint 2.11 3D Systems 3D Sprint 2.12 3D Systems 3D Viewer Microsoft 3PAR Host Explorer VMware 4.0 HP 4059 Extended Edition Attendant Console 2.1 ALE International 4uKey 1.4 Tenorshare 4uKey 1.6 Tenorshare 4uKey 2.2 Tenorshare 50 Accounts 21.0 Sage Group 50 Accounts 25.1 Sage Group 793 Controller Software 5.8 MTS Systems 793 Controller Software 5.9 MTS Systems 793 Controller Software 6.1 MTS Systems 7-Zip 19.00 Igor Pavlov ABAQUS 2018 Student Dassault Systemes ABAQUS 2019 Student Dassault Systemes Abstract 73.0 Elastic Projects ABU Service 14.10 Teradata Access Client 3.5 Barracuda Networks Access Client 3.7 Barracuda Networks Access Client 4.1 Barracuda Networks Access Module for Azure 15.1 Teradata Access Security Gateway (ASG) Soft Key Avaya AccuNest 10.3 Gerber Technology AccuNest 11.0 Gerber Technology ACDSee 2.3 Free ACD Systems ACDSee 2.4 Free ACD Systems ACDSee Photo Studio 2019 Professional ACD Systems
    [Show full text]
  • Gl615 Linux for Unix Administrators Rhel7 Sles12
    EVALUATION COPY Unauthorized Reproduction or Distribution Linux for Unix AdministratorsProhibited Student Workbook EVALUATION COPY Unauthorized Reproduction GL615 LINUX FOR UNIX ADMINISTRATORS RHEL7 SLES12 or Distribution The contents of this course and all its modules and related materials, including handouts to audience members, are copyright ©2017 Guru Labs L.C. No part of this publication may be stored in a retrieval system, transmitted or reproduced in any way, including, but not limited to, photocopy, photograph, magnetic, electronic or other record, without the prior written permission of Guru Labs. This curriculum contains proprietary information which is for the exclusive use of customers of Guru Labs L.C., and is not to be shared with personnel other than those in attendance at this course. This instructional program, including all material provided herein, is supplied without any guarantees from Guru Labs L.C. Guru Labs L.C. assumes no liability for damages or legal action arising from Prohibited the use or misuse of contents or details contained herein. Photocopying any part of this manual without prior written consent of Guru Labs L.C. is a violation of federal law. This manual should not appear to be a photocopy. If you believe that Guru Labs training materials are being photocopied without permission, please email [email protected] or call 1-801-298-5227. Guru Labs L.C. accepts no liability for any claims, demands, losses, damages, costs or expenses suffered or incurred howsoever arising from or in connection with the
    [Show full text]
  • Red Hat Enterprise Linux 7 Migration Planning Guide
    Red Hat Enterprise Linux 7 Migration Planning Guide Key differences between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 Last Updated: 2021-09-21 Red Hat Enterprise Linux 7 Migration Planning Guide Key differences between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent.
    [Show full text]
  • Replugging the Modern Desktop
    Replugging the Modern Desktop Kay Sievers <[email protected]> David Zeuthen <[email protected]> Linux Plumbers Conference Portland, OR, Sept 2009 History ● Back in the day ● /sbin/hotplug, scan entire /dev, /proc/scsi/scsi, /proc/partitions ● magicdev, supermount, subfs ● User conf / passwords stored in /etc or hard-coded ● Millions of LOC running as uid 0 History ● Back in the day ● /sbin/hotplug, scan entire /dev, /proc/scsi/scsi, /proc/partitions ● magicdev, supermount, subfs ● User conf / passwords stored in /etc or hard-coded ● Millions of LOC running as uid 0 ● Early Desktop Integration ● HAL, D-Bus, PolicyKit ● Separate Mechanism and Policy ● But... Implementation too complex, not scalable, not focused, too many abstractions ● Cutting the same cake in a different way ● 1st piece: Move device discovery/enumeration, classification, quirks, probing, event propagation to udev ● 2nd piece: Write libudev ● 3rd piece: Dedicated system services for major subsystems – DeviceKit-disks, DeviceKit-power, NetworkManager, PulseAudio, Bluez, Gypsy, ... ● 4th piece: Port the world to subsystem services – Apps using simple subsystems use libudev (Cheese) ApplicationApplication libudevlibudev Login Session udevd Kernel Space Kernel Application Application libdbus Login Session Subsystem System ApplicationServices Space libudevlibudev udevd Kernel Space Kernel Application Application Application Application Application Application libudevlibudev libudevlibudev libdbus ... Session 1 Session 2 Subsystem System ApplicationServices Space libudevlibudev udevd Kernel Space Kernel Application Application Application Application Application Application libudevlibudev libudevlibudev libdbus ... Session 1 Session 2 Other Services: Subsystem System System Message Bus ApplicationServices Space (D-Bus) libudevlibudev Session Tracking (ConsoleKit) Authority (PolicyKit) udevd ... Kernel Space Kernel kernel devices show up in a device tree in /sys /sys/devices |-- pci0000:00 ..
    [Show full text]
  • Power Management Guide
    Red Hat Enterprise Linux 7 Power Management Guide Managing and optimizing power consumption on RHEL 7 Last Updated: 2020-08-11 Red Hat Enterprise Linux 7 Power Management Guide Managing and optimizing power consumption on RHEL 7 Marie Doleželová Red Hat Customer Content Services [email protected] Jana Heves Red Hat Customer Content Services Jacquelynn East Red Hat Customer Content Services Don Domingo Red Hat Customer Content Services Rüdiger Landmann Red Hat Customer Content Services Jack Reed Red Hat Customer Content Services Red Hat, Inc. Legal Notice Copyright © 2017 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
    [Show full text]
  • Installed Packages Red Hat Enterprise Linux
    Installed Packages 389-ds-base.x86_64 1.2.11.15-60.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 389-ds-base-libs.x86_64 1.2.11.15-60.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ConsoleKit.x86_64 0.4.1-3.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ConsoleKit-libs.x86_64 0.4.1-3.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ConsoleKit-x11.x86_64 0.4.1-3.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 DeviceKit-power.x86_64 014-3.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 GConf2.x86_64 2.28.0-6.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 GConf2-devel.x86_64 2.28.0-6.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 GConf2-gtk.x86_64 2.28.0-6.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ImageMagick.x86_64 6.7.2.7-2.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 MAKEDEV.x86_64 3.24-6.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ModemManager.x86_64 0.4.0-5.git20100628.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 MySQL-python.x86_64 1.2.3-0.3.c1.1.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 NetworkManager.x86_64 1:0.8.1-99.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 NetworkManager-glib.x86_64 1:0.8.1-99.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 NetworkManager-gnome.x86_64 1:0.8.1-99.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7 ORBit2.x86_64 2.14.17-5.el6 @anaconda-RedHatEnterpriseLinux-201507020259.x86_64/6.7
    [Show full text]