Profile Applicability:
• Level 1
Description:
The MCS Translation Service (mcstrans) is a daemon used by SELinux to manage multi-category security (MCS) translations. While useful in some environments, it is not necessary for most systems and can increase the attack surface if installed unnecessarily.
Rationale:
Removing or not installing the mcstrans service reduces the system’s attack surface and minimizes potential vulnerabilities related to this service.
Impact:
Pros:
• Reduces attack surface by eliminating unnecessary services.
• Simplifies system security management.
Cons:
• May affect SELinux MCS functionality if required by specific applications.
Default Value:
mcstrans is installed by default on some SELinux-enabled systems.
Pre-requisites:
Root or sudo privileges to manage installed packages.
Remediation:
Test Plan:
Using Linux command line:
- Check if mcstrans is installed:
rpm -q mcstrans
Confirm that the package is not installed.
Implementation Plan:
Using Linux command line:
1. Remove mcstrans package if installed:
yum remove mcstrans -y
2. Verify removal:
rpm -q mcstrans
Backout Plan:
Using Linux command line:
1. Reinstall mcstrans if needed:
yum install mcstrans -y
2. Verify installation:
rpm -q mcstrans
References:
CIS Amazon Linux 2 Benchmark v3.0.0
SELinux Project Documentation