Understanding Basic SELinux Implementation and Tools Flashcards
q
An implementation of a flexible mandatory access control MAC architecture in the Linux OS that incorporates a set of kernel modifications and user space tools
SELinux Security-Enhanced Linux
Modes of Operation (enforcing, permissive and disabled)
Security contexts (user, role, type and range or level)
Modes of operation
enforcing, permissive and disabled
security contexts
user, role, type and range or level
semanage
use the -l option to list objects specified
getenforce
retrieve the current modde of selinux
getsbool
retrieve se linx boolean values
estatus
retrieve the status of selinux
ls -z display security context in content list
ps- z display security context in process listse
semanage
selinux policy management tool
setenforce
modify the selinux mode
setsbool
set selinux boolean values
chcon
change file security context
restorecon
restore files default security context