SELinux (Experimental environment: redhat7.0)

1. View the SELinux context

[Email protected] ~]# Ls-lz

[Email protected] ~]# ls-ldz/tmp/

[[Email protected] ~]# PS AUXZ View the context of the process

[[email protected] ~]# semanage Port--list View the context type of the port

[[email protected] ~]# semanage fcontext--list View all directory contexts

Opening and closing of 2.selinux

Setenforcing 1|0 SELinux temporarily turned on or off

Getenforce View the status of the current SELinux

Note: The edit/etc/selinux/config is permanently in effect and is adjusted from disabled to other States and must be restarted for the system to take effect.

3. Modifying the context

[Email protected] ~]# semanage fcontext-a-T httpd_sys_content_t "/custom (/.*)?"

[[email protected] ~]# restorecon-rv/custom/The context is not in effect, the recovery context must be executed

Note: The context of the/var/www/html directory is httpd_sys_content_t, if the configuration file is correct, if you want to change the/custom directory to the root of the httpd service, the/custom directory can refer to the/var/www/html/ Directory modification

4. Boolean values

[[email protected] ~]# Getsebool-a View all boolean information

[[email protected] ~]# setsebool-p httpd_enable_homedirs on-p: Set bool value to take effect permanently

5.selinux Port Context

[[Email protected] ~] #semanage Port--list View the port's context type

[[Email protected] ~] #semanage port-a-T ssh_port_t-p TCP 2222 Add 2222 port to ssh_port_t type

Add: If you have selinux problems, you can also refer to the information in/var/log/message.

This article is from the "Feng" blog, make sure to keep this source http://fengxiaoli.blog.51cto.com/12104465/1950916

SELinux (Experimental environment: redhat7.0)