SELinux
wikipedia:Security-Enhanced Linux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).
semanage
and restorecon
command line utilities can be used to manage SELinux configuration and behavior.
SELinux is available in RHEL 4 since 2005 and in Ubuntu. As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.
Command-line utilities[edit]
[1]chcon
,[2]restorecon
,[3]restorecond
,[4]runcon
,[5]secon
,[6]fixfiles
,[7]setfiles
,[8]load_policy
,[9]booleans
,[10]getsebool
,[11]setsebool
,[12]togglesebool
[13]setenforce
,
semodule
,
postfix-nochroot
,
check-selinux-installation
,
semodule_package
,
checkmodule
,
selinux-config-enforcing
,[14]selinuxenabled
,[15]
and selinux-policy-upgrade
[16]
sestatus setenforce enforcing
setenforce 0
Related[edit]
See also[edit]
- AppArmor,
/etc/apparmor.d/libvirt
,apparmor_status
- Seccomp
- SELinux,
semanage
,sestatus
,getenforce
,chcon
, security context,setsebool
- Mandatory access control: AppArmor, SELinux, seccomp, System Integrity Protection (macOS)
Advertising: