SELinux Permissions Flashcards

1
Q

What option do commands like ‘ls’, ‘ps’, ‘cp’, and ‘mkdir’ use to display or set the SELinux context?

A

■ -Z

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What command shows the current SELinux mode?

A

■ getenforce

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What changes the behavior of the SELinux policy?

A

■ (SELinux) Booleans

■ Act as switches that change the behavior of a policy that can be (dis|en)abled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What command is used to display SELinux Booleans and their current value?

A

■ getsebool (-a)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What command sets/changes the SELinux operating mode?

A

■ setenforce (1|0)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What commands are used to change the SELinux context of a file?

A

■ chcon (-t; used to specify only the context)

■ restorecon (preferred)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What command can be used to display or modify the rules that ‘restorecon’ uses to set the default file context?

A

■ semanage fcontext [options] [-t type] [target]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What command is used to modify SELinux Booleans?

A

■ setsebool [-P; make persistent]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What command shows whether SELinux Booleans are persistent?

A

■ setsebool boolean -l

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What service listens for audit messages in /var/log/audit/audit.log and sends a short summary to /var/log/messages?

A

■ setroubleshoot-server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What tools is used to produce a report of alert incidents?

A

■ sealert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly