From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Diagnose routine SELinux policy violations
From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security
Diagnose routine SELinux policy violations
- [Instructor] In this exercise, you'll be modifying critical system files in a security context in order to break it. Before we do this, you might want to create a snapshot of your VM, just in case. Click on the snapshot button on the toolbar of your VM and then click on the plus symbol in the bottom left, give you a snapshot of name and then click on Finish. Now, go back to your Console and click on full screen. Now, if you manage to make your VM non-functional, you can just run the snapshot and you'll be back in business. As the Linux logs alerts when it's running in either enforcing or permissive mode. If the audit DService is running, SELinux logs to ./var/log/audit.log. If the audit DService is not running, it logs the ./var/log/messages. It may be advantageous to tell whichever log file is being used on your host. You'll need to elevate privileges for these. Because our virtual machines are very new, there may not be any SELinux messages to look at. So we're going to generate…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Set enforcing and permissive modes for SELinux5m 13s
-
List and identify SELinux file and process context3m 28s
-
Restore SELinux default file contexts4m 11s
-
Use Booleans to modify SELinux behavior2m 33s
-
Diagnose routine SELinux policy violations6m 57s
-
Maintain security context when managing files1m 6s
-
Manage firewalls with firewalld2m 58s
-
Challenge: Manage security3m 55s
-
Solution: Manage security6m 18s
-
-
-
-
-