Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual Manual pdf 84 page image
Manuals database logo
manualsdatabase
Your AI-powered manual search engine

Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual

Also see for ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE: Installation guideInstallation guideTuning guideInstallation guideManual

Page 1 previewPage 2 previewPage 3 previewPage 4 previewPage 5 previewPage 6 previewPage 7 previewPage 8 previewPage 9 previewPage 10 previewPage 11 previewPage 12 previewPage 13 previewPage 14 previewPage 15 previewPage 16 previewPage 17 previewPage 18 previewPage 19 previewPage 20 previewPage 21 previewPage 22 previewPage 23 previewPage 24 previewPage 25 previewPage 26 previewPage 27 previewPage 28 previewPage 29 previewPage 30 previewPage 31 previewPage 32 previewPage 33 previewPage 34 previewPage 35 previewPage 36 previewPage 37 previewPage 38 previewPage 39 previewPage 40 previewPage 41 previewPage 42 previewPage 43 previewPage 44 previewPage 45 previewPage 46 previewPage 47 previewPage 48 previewPage 49 previewPage 50 previewPage 51 previewPage 52 previewPage 53 previewPage 54 previewPage 55 previewPage 56 previewPage 57 previewPage 58 previewPage 59 previewPage 60 previewPage 61 previewPage 62 previewPage 63 previewPage 64 previewPage 65 previewPage 66 previewPage 67 previewPage 68 previewPage 69 previewPage 70 previewPage 71 previewPage 72 previewPage 73 previewPage 74 previewPage 75 previewPage 76 previewPage 77 previewPage 78 previewPage 79 previewPage 80 previewPage 81 previewPage 82 previewPage 83 previewPage 84 previewPage 85 previewPage 86 previewPage 87 previewPage 88 previewPage 89 previewPage 90 previewPage 91 previewPage 92 previewPage 93 previewPage 94 previewPage 95 previewPage 96 previewPage 97 previewPage 98 previewPage 99 previewPage 100 previewPage 101 previewPage 102 previewPage 103 previewPage 104 previewPage 105 previewPage 106 previewPage 107 previewPage 108 previewPage 109 previewPage 110 previewPage 111 previewPage 112 previewPage 113 previewPage 114 previewPage 115 previewPage 116 previewPage 117 previewPage 118 previewPage 119 previewPage 120 previewPage 121 previewPage 122 previewPage 123 previewPage 124 previewPage 125 previewPage 126 previewPage 127 previewPage 128 previewPage 129 previewPage 130 preview
Contents
  1. Table Of Contents
  2. Table Of Contents
  3. SELinux Architectural Overview
  4. SELinux, an Implementation of Flask
  5. SELinux Policy Overview
  6. Where is the Policy
  7. Policy Role in Boot
  8. File System Security Contexts
  9. Object Classes and Permissions
  10. TE Rules - Attributes
  11. TE Rules - Types
  12. TE Rules - Access Vectors
  13. Policy Macros
  14. SELinux Users and Roles
  15. TE Rules - Constraints
  16. Special Interfaces and File Systems
  17. Targeted Policy Overview
  18. Files and Directories of the Targeted Policy
  19. Understanding the File Contexts Files
  20. Common Macros in the Targeted Policy
  21. II. Working With SELinux
  22. Controlling and Maintaining SELinux
  23. Administrator Control of SELinux
  24. Analyst Control of SELinux
  25. Policy Writer Control of SELinux
  26. Tools for Manipulating and Analyzing SELinux
  27. Using seaudit for Audit Log Analysis
  28. Using apol for Policy Analysis
  29. Performance Tuning
  30. Compiling SELinux Policy
  31. What Happens During Policy Build
  32. General Policy Troubleshooting Guidelines
  33. Writing New Policy for a Daemon
  34. Deploying Customized Binary Policy
  35. References
  36. III. Appendix
  37. A. Brief Background and History of SELinux
  38. Index
  39. Colophon
Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual Manual pdf 84 page image
70 Chapter 5. Controlling and Maintaining SELinux5.2.17. When to RebootYour primary reason for rebooting with SELinux is to get your file system properly labeled using the/.autorelabel file. Another reason might be to completely enable or disable SELinux.Otherwise, you can safely make SELinux permissive by using setenforce 0.5.3. Analyst Control of SELinuxThis section presents some common tasks that a security analyst might need to do on an SELinuxsystem.5.3.1. Enable Kernel AuditingYou may wish to have the full kernel-level auditing available when doing analysis or troubleshooting.This can be quite verbose, since it generates one or more additional audit message(s) for each AVCaudit message. To enable, append the parameter audit=1 to your kernel boot line, either through/etc/grub.conf or via the GRUB menu during boot.This is an example of a full audit log entry when httpd is denied access to ~/public_html becausethe directory is not labeled as Web content:# Notice that the time and serial number stamps in the audit(...)# field are identical, making it easier to track a specific# event in the audit logs:Jan 15 08:03:56 hostname kernel: audit(1105805036.075:2392892): \avc: denied { getattr } for pid=2239 exe=/usr/sbin/httpd \path=/home/auser/public_html dev=hdb2 ino=921135 \scontext=user_u:system_r:httpd_t \tcontext=system_u:object_r:user_home_t tclass=dir# This audit message tells more about the source, including the# kind of syscall involved, showing that httpd tried to stat the# directory:Jan 15 08:03:56 hostname kernel: audit(1105805036.075:2392892): \syscall=195 exit=4294967283 a0=9ef88e0 a1=bfecc0d4 a2=a97ff4 \a3=bfecc0d4 items=1 pid=2239 loginuid=-1 uid=48 gid=48 euid=48 \suid=48 fsuid=48 egid=48 sgid=48 fsgid=48# This message tells more about the target:Jan 15 08:03:56 hostname kernel: audit(1105805036.075:2392892): \item=0 name=/home/auser/public_html inode=921135 dev=00:00By design, the serial number stamp is always identical for a particular audited event. The time stampmay not always be identical but most often is identical.NoteIf you are using an audit daemon for troubleshooting, the daemon may capture audit messages intoanother location than /var/log/messages, such as /var/log/audit.log. Red Hat Enterprise Linux4 does not ship with an audit daemon, but work on this is ongoing.
/ 130
Related manuals for Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE
Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE Manual
Red Hat ENTERPRISE LINUX 4 Manual first page preview
Red Hat ENTERPRISE LINUX 4 Manual
Red Hat ENTERPRISE LINUX 4 Manual first page preview
Red Hat ENTERPRISE LINUX 4 Manual
Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE Manual
Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE Manual
Red Hat ENTERPRISE LINUX 5.5 - ONLINE STORAGE GUIDE Manual first page preview
Red Hat ENTERPRISE LINUX 5.5 - ONLINE STORAGE GUIDE Manual
Red Hat ENTERPRISE LINUX 4 - USING AS Using Manual first page preview
Red Hat ENTERPRISE LINUX 4 - USING AS Using Manual
Red Hat ENTERPRISE LINUX 4 - USING ID Using Manual first page preview
Red Hat ENTERPRISE LINUX 4 - USING ID Using Manual
This manual is suitable for:
ENTERPRISE LINUX 4 - DEVELOPER TOOLS GUIDE
Manuals database logo
manualsdatabase
Your AI-powered manual search engine