########################################################
################### #selinux的初级管理 ###################
########################################################
1. What when SELinux
SELinux, kernel-level enhanced firewall
2. How to manage SELinux levels
SELinux turned on or off)
Vim/etc/sysconfig/selinux
selinux=disabled # #关闭状态
selinux=enforcing # #强制状态
selinux=permissive # #警告状态
Getenforce # #查看状态
when SELinux is turned on
Setenforce 0|1 # #更改selinux运行级别
3. How to change the file security context
Temporary change)
chcon-t Security Context File
Chcon-t Public_content_t/publicftp-r
Permanently changed)
semanage fcontext-l # #列出内核安全上下文列表内容
Semanage fcontext-a-T public_content_t '/publicftp (/.*)? '
restorecon-fvvr/publicftp/
4. How to control the SELinux switch to the service function
getsebool-a | grep Service Name
getsebool-a | grep FTP
setsebool-p function bool Value On|off
setsebool-p Ftpd_anon_write on
5. Monitor the SELinux error message
Setroubleshoot-server
This article from "12110289" blog, declined reprint!
Primary management of SELinux