Difference between revisions of "SELinux"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Tags: Mobile web edit, Mobile edit
 
(9 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Draft}}
+
[[wikipedia:Security-Enhanced Linux]] is a [[Linux kernel]] security module that provides a mechanism for supporting access control security policies, including [[mandatory access controls]] (MAC).
[[wikipedia:Security-Enhanced Linux]]
 
  
 
<code>[[semanage]]</code> and <code>[[restorecon]]</code> command line utilities can be used to manage SELinux configuration and behavior.
 
<code>[[semanage]]</code> and <code>[[restorecon]]</code> command line utilities can be used to manage SELinux configuration and behavior.
Line 7: Line 6:
  
  
Command-line utilities include:<ref>{{cite web|url=https://fedoraproject.org/wiki/SELinux/Commands |title=SELinux/Commands - FedoraProject |accessdate=2015-11-25}}</ref>
+
== Command-line utilities ==
<code>chcon</code>,<ref>{{cite web |url=http://linuxcommand.org/man_pages/chcon1.html |archive-url=https://web.archive.org/web/20041024211853/http://linuxcommand.org/man_pages/chcon1.html |url-status=dead |archive-date=2004-10-24 |title=chcon |publisher=Linuxcommand.org |accessdate=2013-02-06 }}</ref>
+
<ref>{{cite web|url=https://fedoraproject.org/wiki/SELinux/Commands |title=SELinux/Commands - FedoraProject |accessdate=2015-11-25}}</ref>
 +
<code>[[chcon]]</code>,<ref>{{cite web |url=http://linuxcommand.org/man_pages/chcon1.html |archive-url=https://web.archive.org/web/20041024211853/http://linuxcommand.org/man_pages/chcon1.html |url-status=dead |archive-date=2004-10-24 |title=chcon |publisher=Linuxcommand.org |accessdate=2013-02-06 }}</ref>
 
<code>restorecon</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecon |title=restorecon(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 
<code>restorecon</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecon |title=restorecon(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 
<code>restorecond</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecond |title=restorecond(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 
<code>restorecond</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecond |title=restorecond(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
Line 34: Line 34:
  
  
 +
<code>setenforce 0</code>
 +
 +
== Related ==
 +
* [[selinux-utils]]
  
 
== See also ==  
 
== See also ==  
Line 40: Line 44:
 
* {{SELinux}}
 
* {{SELinux}}
 
* {{Security modules}}
 
* {{Security modules}}
 +
  
 
[[Category:Linux]]
 
[[Category:Linux]]
 
[[Category:Security]]
 
[[Category:Security]]
 +
[[Category:SELinux]]

Latest revision as of 09:51, 7 November 2021

wikipedia:Security-Enhanced Linux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).

semanage and restorecon command line utilities can be used to manage SELinux configuration and behavior.

SELinux is available in RHEL 4 since 2005 and in Ubuntu. As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.


Command-line utilities[edit]

[1] chcon,[2] restorecon,[3] restorecond,[4] runcon,[5] secon,[6] fixfiles,[7] setfiles,[8] load_policy,[9] booleans,[10] getsebool,[11] setsebool,[12] togglesebool[13] setenforce, semodule, postfix-nochroot, check-selinux-installation, semodule_package, checkmodule, selinux-config-enforcing,[14] selinuxenabled,[15] and selinux-policy-upgrade[16]

sestatus
setenforce enforcing


setenforce 0

Related[edit]

See also[edit]

  • "SELinux/Commands - FedoraProject". Retrieved 2015-11-25.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "chcon". Linuxcommand.org. Archived from the original on 2004-10-24. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "restorecon(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "restorecond(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "runcon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "secon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "fixfiles(8): fix file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "setfiles(8): set file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "load_policy(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "booleans(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "getsebool(8): SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "setsebool(8): set SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "togglesebool(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing". Canonical Ltd. Archived from the original on 2012-12-20. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if". Canonical Ltd. Archived from the original on 2013-02-09. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy". Canonical Ltd. Archived from the original on 2012-04-04. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • Advertising: