Difference between revisions of "SELinux"

From wikieduonline
Jump to navigation Jump to search
(As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.)
Line 5: Line 5:
  
 
SELinux is available in [[RHEL]] 4 since 2005 and in [[Ubuntu]]. As of 2018 [[Ubuntu]] 18.04 LTS do not install SELinux by default.
 
SELinux is available in [[RHEL]] 4 since 2005 and in [[Ubuntu]]. As of 2018 [[Ubuntu]] 18.04 LTS do not install SELinux by default.
 +
 +
 +
Command-line utilities include:<ref>{{cite web|url=https://fedoraproject.org/wiki/SELinux/Commands |title=SELinux/Commands - FedoraProject |accessdate=2015-11-25}}</ref>
 +
<code>chcon</code>,<ref>{{cite web |url=http://linuxcommand.org/man_pages/chcon1.html |archive-url=https://web.archive.org/web/20041024211853/http://linuxcommand.org/man_pages/chcon1.html |url-status=dead |archive-date=2004-10-24 |title=chcon |publisher=Linuxcommand.org |accessdate=2013-02-06 }}</ref>
 +
<code>restorecon</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecon |title=restorecon(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>restorecond</code>,<ref>{{cite web|url=http://linux.die.net/man/8/restorecond |title=restorecond(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>runcon</code>,<ref>{{cite web|url=http://linux.die.net/man/1/runcon |title=runcon(1) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>secon</code>,<ref>{{cite web|url=http://linux.die.net/man/1/secon |title=secon(1) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>fixfiles</code>,<ref>{{cite web|url=http://linux.die.net/man/8/fixfiles |title=fixfiles(8): fix file SELinux security contexts - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>setfiles</code>,<ref name="auto">{{cite web|url=http://linux.die.net/man/8/setfiles |title=setfiles(8): set file SELinux security contexts - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>load_policy</code>,<ref>{{cite web|url=http://linux.die.net/man/8/load_policy |title=load_policy(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>booleans</code>,<ref>{{cite web|url=http://linux.die.net/man/8/booleans |title=booleans(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>getsebool</code>,<ref>{{cite web|url=http://linux.die.net/man/8/getsebool |title=getsebool(8): SELinux boolean value - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>setsebool</code>,<ref>{{cite web|url=http://linux.die.net/man/8/setsebool |title=setsebool(8): set SELinux boolean value - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>togglesebool</code><ref>{{cite web|url=http://linux.die.net/man/8/togglesebool |title=togglesebool(8) - Linux man page |publisher=Linux.die.net |date= |accessdate=2013-02-06}}</ref>
 +
<code>setenforce</code>,
 +
<code>semodule</code>,
 +
<code>postfix-nochroot</code>,
 +
<code>check-selinux-installation</code>,
 +
<code>semodule_package</code>,
 +
<code>checkmodule</code>,
 +
<code>selinux-config-enforcing</code>,<ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man8/selinux-config-enforcing.8.html |title=Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20121220020432/http://manpages.ubuntu.com/manpages/natty/man8/selinux-config-enforcing.8.html |archivedate=2012-12-20 }}</ref>
 +
<code>selinuxenabled</code>,<ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man1/selinuxenabled.1.html |title=Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20130209033811/http://manpages.ubuntu.com/manpages/natty/man1/selinuxenabled.1.html |archivedate=2013-02-09 }}</ref>
 +
and <code>selinux-policy-upgrade</code><ref>{{cite web |url=http://manpages.ubuntu.com/manpages/natty/man8/selinux-policy-upgrade.8.html |title=Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy |publisher=[[Canonical Ltd]] |accessdate=2013-02-06 |url-status=dead |archiveurl=https://web.archive.org/web/20120404160143/http://manpages.ubuntu.com/manpages/natty/man8/selinux-policy-upgrade.8.html |archivedate=2012-04-04 }}</ref>
 +
 +
  
 
== See also ==  
 
== See also ==  

Revision as of 07:15, 24 December 2019

This article is a Draft. Help us to complete it.

wikipedia:Security-Enhanced Linux

semanage and restorecon command line utilities can be used to manage SELinux configuration and behavior.

SELinux is available in RHEL 4 since 2005 and in Ubuntu. As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.


Command-line utilities include:[1] chcon,[2] restorecon,[3] restorecond,[4] runcon,[5] secon,[6] fixfiles,[7] setfiles,[8] load_policy,[9] booleans,[10] getsebool,[11] setsebool,[12] togglesebool[13] setenforce, semodule, postfix-nochroot, check-selinux-installation, semodule_package, checkmodule, selinux-config-enforcing,[14] selinuxenabled,[15] and selinux-policy-upgrade[16]


See also

  • "SELinux/Commands - FedoraProject". Retrieved 2015-11-25.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "chcon". Linuxcommand.org. Archived from the original on 2004-10-24. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "restorecon(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "restorecond(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "runcon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "secon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "fixfiles(8): fix file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "setfiles(8): set file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "load_policy(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "booleans(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "getsebool(8): SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "setsebool(8): set SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "togglesebool(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing". Canonical Ltd. Archived from the original on 2012-12-20. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if". Canonical Ltd. Archived from the original on 2013-02-09. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • "Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy". Canonical Ltd. Archived from the original on 2012-04-04. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  • Advertising: