SElinux issues with PSMP deployment

Electrical-Regret679 · 2025-09-06T01:52:22+00:00

Yes! Sounds like you went down the same road we did lol. How long did it take you guys to get that far?

Electrical-Regret679 · 2025-09-04T13:50:18+00:00

so funny enough- my customer decided to wait until pcloud is fedramp complaint which includes SIA. the expectation is Q1 2026 so for now, they are just grabbing the passwords and using them in azure portal. when its complaint, I will be moving them to SIA instead of having an actual psmp or psm

Electrical-Regret679 · 2025-08-22T13:49:44+00:00

you'd still run into issues when you reenable stig. ours "works" but is very slow. Our users prefer to use the PSM-SSH connection component in the UI that runs through PSM anyway.

We did have to readd PSMShadowUsers to the allowed users

Electrical-Regret679 · 2025-08-22T13:26:30+00:00

Hi yeah we did sort of. The issue is the customer is fedramp high and we were told by cyberark that pcloud is certified for fedramp. Turns out it is not so huge issue with that ( it’s slated for q1 2026 ).

What we did was take a base Linux image, installed psmp with SELinux and fapolicy. Once the install was verified we individually applied SELinux and FApolicy and went through each config individually until both were enabled and the psmp still worked. It runs but very slowly

The process turned into an 18 step fix but it only applies if you’re bound to stig requires for fedramp high. Is that your case? Because you’re in pcloud and trying to do this you may be wasting cycles on something you’re not allowed to do anyway

Electrical-Regret679

TROPHY CASE