To enable SELinux from the RHEL GUI, click on System > Administration > Security Level and Firewall. Go to the SELinux tab, set SELinux to "permissive mode" and restart the server.
Starting SELinux in Allow mode is a good practice (learning to configure SELinux). In this mode, you can feel and touch SELinux up close, but it doesn't affect anything in the server and application/database. During the test, you must review the log information carefully, checking all warnings and all refusal errors generated by the program and database during the operation.
After setting SELinux to allow mode and restarting my RHEL, I didn't notice any difference. I log in to the system as the root account and then use the sestatus command to view the health of the SELinux environment.
Since SELinux has been started and running in the allowed mode, it is time to manage SELinux. RHEL provides a GUI for SELinux policy management, and the root user can initialize the GUI using the system-config-SELinux command. This command will open the main interface of the GUI. You can see the following window in RHEL or Fedora Linux:
In the figure above, you can find it in the left box. The main options for SELinux management. The second option, "Boolean", contains the Boolean conditions for most of the default services and processes in SELinux management. The same conditions can also be listed using the getsebool command. For example, if you only want to know the existing Boolean conditions for the ftpd daemon, then you can use the following command:
To change the Boolean condition, such as allow_ftpd_use_cifs =off - This condition means that the FTP process cannot use the cifs protocol for public file transfer - we can click the corresponding condition (entry) under the "Boolean" tab in the system-config-SELinux interface, as shown in the following figure. This action will allow the FTP service to use the cifs protocol for public file transfers. You can execute the getsebool and grep commands against the ftpd process to see if the operation just took effect.
Server security has always been a top priority, especially since the viruses and T
IIS domain name binding: Lets take the site named test as an example to explain th
These two days were tossed by the server, and the program in the event viewer kep
There are many ways to crash Windows Server, but most of them fall into three categories: old anti-v
What are the attacks on the web server?
Server technology minicomputer and cluster server simple comparison
X86 or RISC? Server selection should consider 12 points
Four considerations for server security management
503 service temporarily unavailable solution
How to completely reinstall IIS after an error
CentOS uninstall Apache method detailed
Graphical installation of IIS7 in Vista and configuration of ASP environment
Vps common problems, vps and server differences
The management server ensures that the actual management experience of security is shared.
Windows 7 system update does not need to restart the tips
Common methods for recovering WINDOWS failures (4)
Prevent problems before they happen. Easy to do Windows 2000 security policy
What should I do if the win7 Ultimate PC has a preview delay?
Android tablet CPU overclocking skills
How to quickly confirm the system version number of Windows?
Final Fantasy Zero HD how to open launch Final Fantasy HD open launch Raiders share
The Windows 8 Tablet System Requirements Specification is now available