From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Diagnose routine SELinux policy violations

Diagnose routine SELinux policy violations

From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security

Start my 1-month free trial

Diagnose routine SELinux policy violations

- [Instructor] In this exercise, you'll be modifying critical system files in a security context in order to break it. Before we do this, you might want to create a snapshot of your VM, just in case. Click on the snapshot button on the toolbar of your VM and then click on the plus symbol in the bottom left, give you a snapshot of name and then click on Finish. Now, go back to your Console and click on full screen. Now, if you manage to make your VM non-functional, you can just run the snapshot and you'll be back in business. As the Linux logs alerts when it's running in either enforcing or permissive mode. If the audit DService is running, SELinux logs to ./var/log/audit.log. If the audit DService is not running, it logs the ./var/log/messages. It may be advantageous to tell whichever log file is being used on your host. You'll need to elevate privileges for these. Because our virtual machines are very new, there may not be any SELinux messages to look at. So we're going to generate…

Contents