[1] SELinux boot configuration file/etc/sysconfig/seLinux SELINUX = Enforcing (default) Disabled: Disable The SELinux function Permissive: displays only warning information, does not block Enforcing: enforce the SELinux function to generate the warning message SELINUXTYPE = targeted www.2cto.com strict: The complete protection function, including network services, general commands and applications targeted: protect network-related services dhcpd httpd mysqld named nscd ntpd portmap postgres snmpd squid syslogd [2] view SELinux status sestatus or getenforce view SELinux status [3] restart SELinux to call/sbin/setfiles Some files are marked with ls-Z to view the file www.2cto.com ps-Z to view the process id-Z to view the current user [4] setting SELinux status without restarting the system setenforce [Enforcing | Permissive | 1 | 0] [5] system-config-selinux graphical Management page [6] When SELinux is enabled, configure vsftpd service 1] Set SELinux allow mode setenforce Permissive 2] install and start vsftpd service yum install vsftpd-y service vsftpd start 3] Test Anonymous logon and download login with a local user, and download, upload 4: Set SELinux force mode setenforce Enforcing 5: test related functions again. Anonymous Users can log on to and download files. Recording, downloading, uploading --- rejected [6] configuring SELinux, function 1 required for release: Method 1: log a is displayed in the/var/log/messages file of the server/ audit. a yellow star (selinux troubleshooter) is automatically displayed in the upper-right corner of the normal screen. If no/etc/syslog is displayed. conf starts service syslog restart normally and starts the following services at the same time: www.2cto.com [root @ www ~] # Setroubleshootd c view the log tail/var/log/messages sealert-l xxxxxxxxxxxxxxxxxxxx sealert-a/var/log/audit. the log d prompts that the setsebool-P ftp_home_dir = 1 test, system Account logon to ftp successful 2] method 2 man-k ftp | grep selinux man 8 ftp_selinux from the kakane Column