Selinux
سه شنبه, ۲۱ اسفند ۱۳۹۷، ۱۱:۲۷ ق.ظ
SELinux stands for Security-Enhanced Linux. It is a way to improve the server security.
cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Show state:
- $ sestatus #show state
- $ getenforce #show state]
change[not permanent]:
- $ setenforce [enforcing] or [permissive]
Change Permanently:
vim /etc/selinux/config
SELINUX=enforcing