From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Use Booleans to modify SELinux behavior
From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security
Use Booleans to modify SELinux behavior
- [Instructor] In many cases, administrators don't have to rewrite SELinux security policies to permit certain actions. SELinux has booleans, which are on-off switches to activate or deactivate certain functions. For instance, by default Mozilla plugins can't use GPS. If they wanted this functionality turned on, it's as simple as flipping a switch. To get a list of SELinux booleans use the getsebool command. Type in getsebool -a and hit Enter. There's about 300 booleans, so be sure to scroll up. We can get the value of just one boolean by specifying it. Type in clear and then type in getsebool mozilla_plugin_use_gps and hit Enter. And you can see that this boolean is set to off. You can also get the boolean list with sestatus -b. Type in sestatus -b and hit Enter. A third tool to get the list of booleans is semanage. Although we need to elevate privileges for this. Type in clear and type in studo semanage boolean -l and hit Enter. The advantage of this command is that it also gives…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Set enforcing and permissive modes for SELinux5m 13s
-
(Locked)
List and identify SELinux file and process context3m 28s
-
(Locked)
Restore SELinux default file contexts4m 11s
-
(Locked)
Use Booleans to modify SELinux behavior2m 33s
-
(Locked)
Diagnose routine SELinux policy violations6m 57s
-
(Locked)
Maintain security context when managing files1m 6s
-
(Locked)
Manage firewalls with firewalld2m 58s
-
(Locked)
Challenge: Manage security3m 55s
-
(Locked)
Solution: Manage security6m 18s
-
-
-
-
-