SELinux (security-enhanced Linux) is a security subsystem of the U.S. National Security Agency (mac,mandatory access Control), developed with the help of the Linux open source community. The purpose of the Linux system to use SELinux technology is to constrain the individual service processes so that they are only able to obtain the resources that should be obtained.For example, you have installed a beautif
To disable SELinux, modify selinux = quot; in the/etc/SELINUX/config file as disabled, and restart. If you do not want to restart the system, run the setenforce0 command. note: setenforce1 sets SELinux to enforcing mode. setenforce0 sets SELinux to permis.
To disable
Four common causes of SELinux warning this article describes four causes of SELinux warning and solutions. Www.2cto.com cause 1: the core concept of SELinux is labeling, whether it is a file system, directory, file, file start descriptor, port, message interface or network interface, all tags are required and can only be executed according to the permissions gran
ibm sdk version 1.5 Service Release 5 or later installed.
In addition, the Red Hat Enterprise Linux version 5 default policy for security-enhanced Linux (SELinux) prevents WebSphere Application Server versions 6.0 and 6.1 from installing and running properly.Resolving the problemComplete the following steps:
1. Disable SELinux on the Red Hat Enterprise Linux version 5 Operating System before installing Web
The company rented another Linux server and wanted to use Debian, but the management staff of the IDC would not install it, so they had to use rhel5 instead.
Zend optimizer is used for the system. I installed v3.3 and the installation process went smoothly. After I restarted Apache, I found that the Zend optimizer module was not loaded, and no records were found in Apache error_log, execute the PHP-V command with the following output:
Failed loading/usr/local/Zend/lib/Optimizer-3.3.0/zendoptimiz
The topic of this article is SELinux configuration on RHEL 5. RHEL also provides two methods to configure SELinux: graphical user interface (GUI) and command line. To demonstrate the ease of use of SELinux, This article uses the rhel gui to enable SELinux.
To enable SELinux
SELinux Properties of files1. Temporary modification of File type propertiesIncorrect file Type property is the main cause of common selinux denial of access1) Modify the SELinux properties of the file:[email protected] ~]# Touch Test.file # #新建文件[Email protected] ~]# ls-z Test.file # #查看文件的SELinux属性-rw-r--r--. Root ro
SELinux is short for security-enhanced Linux. The traditional Linux permission controls the owner, group, and other rwx of files and directories, while SELinux uses the delegated access control, that is to say, to control the access of a process to the files and directories on a specific file system, SELinux sets many rules to determine which processes can access
Analysis of selinux and Xinxing linuxselinux in Linux
Selinux is a program initiated by the US National Security Agency. It aims to reinforce the system to a level that can reach the military level. This also provides more powerful protection for Linux security.
The so-called DAC is autonomous access control, that is, in order to be able to share files with other users, each user can only change the permiss
SELinux is a project launched by the National Security Agency to strengthen the system to a level that can reach the military. This also provides a stronger guarantee for Linux security.The so-called DAC, is the autonomous access control, that is, every user in order to be able to implement and other users to share files, before using ACLs, only by changing the permissions of other users of this file, but this method to the security of the system has
Linux Security Mode
DAC, autonomous access control
MAC, mandatory access control
SELinux
A set of MAC extension modules to strengthen Linux security
National Security Agency leads development
How SELinux works
Integrated Linux kernel (2.6 and above)
Operating system provides customizable policies and management tools
[[email protected] ~] # cat / etc / redhat-release
Red Hat Enterprise Linux Se
Article Title: SELINUX from understanding to hands-on configuration. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
SELinux can provide great security protection for your system. Users can be assigned pre-defined roles so that they cannot access files or access programs
Linux selinux and LinuxselinuxOperating mode of SELinuxSubject: SELinux mainly wants to manage programs. Therefore, you can set the "Subject" and "process" to an equal sign;Object: the Object resource that the subject program can access is generally a file system. Therefore, this target project can be assigned an equal sign to the file system;Policy: because of the large number of programs and archives,
SELinux uses so-called Delegated access control (Mandatory access Control,mac) to manage permissions based on specific programs and specific file resources. Even the root user, when using a different program, the permissions you can obtain are not necessarily root, need to be based on the program settings.I. SELinux mode of operation1、主体(Subject) SELinux主要
About SELinux
SELinux provides a flexible Mandatory Access Control System (MAC) at the Linux kernel level. This mandatory access control system is built on a free access control system (DAC.
DAC means that the system's Secure Access Control is freely managed by the system administrator root, not when the system forces Mac to run, for example, when an application or thread runs with a user UID or suid, it al
Primary management of SELinux1. What is SELinuxSELinux, kernel-level enhanced firewall (a plugin on the kernel)SELinux (security-enhanced Linux) is the United States National Security Agency (NSA) implementation of mandatory access control, is the most outstanding new security subsystem in the history of Linux. The NSA, with the help of the Linux community, has developed an access control system that, under the constraints of the access control system
These two days to do lamp when found selinux such a thing, send a closed method!
Ways to turn off SELinux:
Modify the Selinux= "" in the/etc/selinux/config file as disabled and reboot.
If you do not want to reboot the system, use the command Setenforce 0
Note:
Setenforce 1 set
Original Address: http://www.ibm.com/developerworks/cn/linux/l-cn-selinux-services1/index.html?ca=drs-introductionSELinux's security measures are mainly focused on access control of various network services. For services like Apache, Samba, NFS, Vsftp, MySQL, Bind DNS, SELinux only opens the most basic operational requirements. As for connecting the external network, running scripts, accessing the user dire
15.SElinux Security system Basics · SELinux (Secure enhanced Linux) Security Enhancements Linux is a NSA a brand-new security development for the computer infrastructure Linux security policy mechanism, SELinux allows administrators to define security policies more flexibly,· SELinux is a kernel-level security mechanis
This is the name of this article, because it is not very understanding of Selinux, perhaps you have a better way please tell me! first, the problem phenomenonafter Nginx startup, this machine can be accessed normally, using the Curl command to get the default index.html, the other interfaces are inaccessible. The remote access server prompts for the request information, check Nginx user rights and ports are normal, iptables not started. # curl-i local
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.