Kerberos
Allow system to use Kerberos
Setsebool-p Allow_kerberos 1
Setsebool-p Krb5kdc_disable_trans 1
Service KRB5KDC Restart
Setsebool-p Kadmind_disable_trans 1
Service Kadmind Restart
Ftp
If you share to an anonymous user, you need to turn on the following chcon-r-t public_content_t/var/ftp
FTP directory upload files, SELinux need to set chcon-t public_content_rw_t/var/ftp/incoming
Allow anonymous user write permissions setsebool-p allow_ftpd_anon_write=1
< EM id= "__mcedel" > ftp users can access their home directory, you need to open setsebool -P ftp_home_dir 1
vsftpd run in daemon way, you need to turn on setsebool-p Ftpd_is_daemon 1
httpd
HTTP is set to allow CGI settingssetsebool-p httpd_enable_cgi 1
< EM id= "__mcedel" > user HHTP access to their home directory, set limit to user's home directory home page
< EM id= "__mcedel" > setsebool -P httpd_enable_homedirs 1
Chcon-r-T httpd_sys_content_t ~user/public_html
Allow httpd to access the terminal
Setsebool-p Httpd_tty_comm 1
Setsebool-p httpd_unified 0
Setsebool-p httpd_builtin_ing 0
Setsebool-p Httpd_can_network_connect 1
Setsebool-p Httpd_suexec_disable_trans 1
Turn off SELinux's protection for HTTPD process daemons
Setsebool-p Httpd_disable_trans 1
Service httpd Restart
Named
Named,master Updating SELinux settings
Setsebool-p Named_write_master_zones 1
Turn off process daemon protection for named
Setsebool-p Named_disable_trans 1
Service named restart
Nfs
SELinux sets the NFS share of this machine to read-only
Setsebool-p Nfs_export_all_ro 1
SELinux sets the NFS share of this machine to be readable and writable
Setsebool-p NFS_EXPORT_ALL_RW 1
To share the home directory of remote NFS to this machine, you need to turn on
Setsebool-p Use_nfs_home_dirs 1
Samba
Directory share to other users, set
Chcon-t samba_share_t/directory
Samba servers share directories to multiple domains, you need to:
Setsebool-p allow_smbd_anon_write=1
When a samba server wants to share a home directory:
Setsebool-p Samba_enable_home_dirs 1
Home directory using a remote Samba server on this computer
Setsebool-p Use_samba_home_dirs 1
Turn off SELinux protection for samba's process daemon
Setsebool-p Smbd_disable_trans 1
Service SMB Restart
Rsync
When sharing the Rsync directory:
Chcon-t public_content_t/directories
Allow other users to write
Setsebool-p allow_rsync_anon_write=1
Stop Rsync's process protection
Setsebool-p Rsync_disable_trans 1
Nis
When the system NIS environment
Setsebool-p Allow_ypbind 1
The impact of SELinux on some service relationships