SELinux

SELinux

From Consultancy.EdVoncken.NET

Jump to: navigation, search

Contents

Security Enhanced Linux

SELinux is an implementation of Mandatory Access Control (MAC) for the Linux kernel. It also provides concepts from Mandatory Integrity Control (MIC), Role-Based Access Control (RBAC), and Type Enforcement (TE). Most of these concepts relate to the Access Control domain.

SELinux Hints and Tips

Check if SELinux is active: 

 sestatus

Repair file contexts: 

 restorecon -R -v /path/to/files

Apache

For a reverse proxy, you want to allow network connections originating from httpd: 

 setsebool -P httpd_can_network_connect=1

Check httpd_selinux(8) fpr more information.

FTP Server

Check ftpd_selinux(8) fpr more information.

Retrieved from "http://consultancy.edvoncken.net/index.php/SELinux"