[WLUG] Washtenaw Linux Users Group Meeting 8/21/2014
Carl T. Miller
carl at carltm.com
Sun Aug 24 16:51:38 EDT 2014
Mike Bernson wrote:
> *** Meeting Announcement ***
> for the
> Washtenaw Linux Users Group - WLUG
>
> Topic: SELinux
> By: Carl Miller
>
Here is the brief summary of essential troubleshooting commands:
Find out if selinux is enabled:
getenforce
Find recent violations and proposed solutions:
sealert -a /var/log/audit/audit.log
To update a boolean temporarily:
setsebool httpd_can_sendmail on
To update a boolean permanently:
setsebool -P httpd_can_sendmail on
To relabel a directory temporarily (two methods):
chcon -R -t httpd_sys_content_t /web
chcon -R --reference /var/www/html /web
To relabel a directory permanently (requires both commands):
semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
restorecon -R -v /web
To install a policy created by audit2allow (which may be
suggested by sealert):
semodule -i NewPolicy.pp
c
More information about the washlug
mailing list