1. View the SELinux context
[Email protected] ~]# Ls-lz
[Email protected] ~]# ls-ldz/tmp/
[[Email protected] ~]# PS AUXZ View the context of the process
[[email protected] ~]# semanage Port--list View the context type of the port
[[email protected] ~]# semanage fcontext--list View all directory contexts
Opening and closing of 2.selinux
Setenforcing 1|0 SELinux temporarily turned on or off
Getenforce View the status of the current SELinux
Note: The edit/etc/selinux/config is permanently in effect and is adjusted from disabled to other States and must be restarted for the system to take effect.
3. Modifying the context
[Email protected] ~]# semanage fcontext-a-T httpd_sys_content_t "/custom (/.*)?"
[[email protected] ~]# restorecon-rv/custom/The context is not in effect, the recovery context must be executed
Note: The context of the/var/www/html directory is httpd_sys_content_t, if the configuration file is correct, if you want to change the/custom directory to the root of the httpd service, the/custom directory can refer to the/var/www/html/ Directory modification
4. Boolean values
[[email protected] ~]# Getsebool-a View all boolean information
[[email protected] ~]# setsebool-p httpd_enable_homedirs on-p: Set bool value to take effect permanently
5.selinux Port Context
[[Email protected] ~] #semanage Port--list View the port's context type
[[Email protected] ~] #semanage port-a-T ssh_port_t-p TCP 2222 Add 2222 port to ssh_port_t type
Add: If you have selinux problems, you can also refer to the information in/var/log/message.
This article is from the "Feng" blog, make sure to keep this source http://fengxiaoli.blog.51cto.com/12104465/1950916
SELinux (Experimental environment: redhat7.0)