Difference between revisions of "SELinux"
Jump to navigation
Jump to search
↑ "SELinux/Commands - FedoraProject". Retrieved 2015-11-25.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "chcon". Linuxcommand.org. Archived from the original on 2004-10-24. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "restorecon(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "restorecond(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "runcon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "secon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "fixfiles(8): fix file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "setfiles(8): set file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "load_policy(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "booleans(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "getsebool(8): SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "setsebool(8): set SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "togglesebool(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing". Canonical Ltd. Archived from the original on 2012-12-20. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if". Canonical Ltd. Archived from the original on 2013-02-09. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy". Canonical Ltd. Archived from the original on 2012-04-04. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
(As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.) |
|||
| Line 5: | Line 5: | ||
SELinux is available in [[RHEL]] 4 since 2005 and in [[Ubuntu]]. As of 2018 [[Ubuntu]] 18.04 LTS do not install SELinux by default. | SELinux is available in [[RHEL]] 4 since 2005 and in [[Ubuntu]]. As of 2018 [[Ubuntu]] 18.04 LTS do not install SELinux by default. | ||
| + | |||
| + | |||
| + | Command-line utilities include:<ref>{{cite web|url=https://fedoraproject.org/wiki/SELinux/Commands |title=SELinux/Commands - FedoraProject |accessdate=2015-11-25}}</ref> | ||
| + | <code>chcon</code>,<ref>{{cite web |url=http://linuxcommand.org/man_pages/chcon1.html |archive-url=https://web.archive.org/web/20041024211853/http://linuxcommand.org/man_pages/chcon1.html |url-status=dead |archive-date=2004-10-24 |title=chcon |publisher=Linuxcommand.org |accessdate=2013-02-06 }}</ref> | ||
| + | <code>restorecon</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecon |title=restorecon(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>restorecond</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecond |title=restorecond(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>runcon</code>,<ref>{{cite web|url=http://linux.die.net/man/1/runcon |title=runcon(1) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>secon</code>,<ref>{{cite web|url=http://linux.die.net/man/1/secon |title=secon(1) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>fixfiles</code>,<ref>{{cite web|url=http://linux.die.net/man/8/fixfiles |title=fixfiles(8): fix file SELinux security contexts - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>setfiles</code>,<ref name="auto">{{cite web|url=http://linux.die.net/man/8/setfiles |title=setfiles(8): set file SELinux security contexts - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>load_policy</code>,<ref>{{cite web|url=http://linux.die.net/man/8/load_policy |title=load_policy(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>booleans</code>,<ref>{{cite web|url=http://linux.die.net/man/8/booleans |title=booleans(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>getsebool</code>,<ref>{{cite web|url=http://linux.die.net/man/8/getsebool |title=getsebool(8): SELinux boolean value - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>setsebool</code>,<ref>{{cite web|url=http://linux.die.net/man/8/setsebool |title=setsebool(8): set SELinux boolean value - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>togglesebool</code><ref>{{cite web|url=http://linux.die.net/man/8/togglesebool |title=togglesebool(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref> | ||
| + | <code>setenforce</code>, | ||
| + | <code>semodule</code>, | ||
| + | <code>postfix-nochroot</code>, | ||
| + | <code>check-selinux-installation</code>, | ||
| + | <code>semodule_package</code>, | ||
| + | <code>checkmodule</code>, | ||
| + | <code>selinux-config-enforcing</code>,<ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man8/selinux-config-enforcing.8.html |title=Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20121220020432/http://manpages.ubuntu.com/manpages/natty/man8/selinux-config-enforcing.8.html |archivedate=2012-12-20 }}</ref> | ||
| + | <code>selinuxenabled</code>,<ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man1/selinuxenabled.1.html |title=Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20130209033811/http://manpages.ubuntu.com/manpages/natty/man1/selinuxenabled.1.html |archivedate=2013-02-09 }}</ref> | ||
| + | and <code>selinux-policy-upgrade</code><ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man8/selinux-policy-upgrade.8.html |title=Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20120404160143/http://manpages.ubuntu.com/manpages/natty/man8/selinux-policy-upgrade.8.html |archivedate=2012-04-04 }}</ref> | ||
| + | |||
| + | |||
== See also == | == See also == | ||
Revision as of 07:15, 24 December 2019
This article is a Draft. Help us to complete it.
wikipedia:Security-Enhanced Linux
semanage and restorecon command line utilities can be used to manage SELinux configuration and behavior.
SELinux is available in RHEL 4 since 2005 and in Ubuntu. As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.
Command-line utilities include:[1]
chcon,[2]
restorecon,[3]
restorecond,[4]
runcon,[5]
secon,[6]
fixfiles,[7]
setfiles,[8]
load_policy,[9]
booleans,[10]
getsebool,[11]
setsebool,[12]
togglesebool[13]
setenforce,
semodule,
postfix-nochroot,
check-selinux-installation,
semodule_package,
checkmodule,
selinux-config-enforcing,[14]
selinuxenabled,[15]
and selinux-policy-upgrade[16]
See also
- AppArmor
- seccomp (Linux Kernel)
Advertising:
