开启&监视SELinux‘
修改SELinux模式
修改SELinux上下文
修改SELinux的布尔值
SELinux故障排查
RH4开始,RH5完善
安全级别
极大提高安全性
SELinux对系统里面所有设备打标签,限制所有用户的所有行为,防止间接破坏
[[email protected] ~]# getenforce Enforcing [[email protected] ~]# setenforce 0 //只做记录不限制 [[email protected] ~]# getenforce Permissive [[email protected] ~]# setenforce 1 [[email protected] ~]# getenforce Enforcing [[email protected] ~]#
[[email protected] etc]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
时间: 2024-10-15 04:25:58