SELinux Permissions Flashcards
What option do commands like ‘ls’, ‘ps’, ‘cp’, and ‘mkdir’ use to display or set the SELinux context?
■ -Z
What command shows the current SELinux mode?
■ getenforce
What changes the behavior of the SELinux policy?
■ (SELinux) Booleans
■ Act as switches that change the behavior of a policy that can be (dis|en)abled.
What command is used to display SELinux Booleans and their current value?
■ getsebool (-a)
What command sets/changes the SELinux operating mode?
■ setenforce (1|0)
What commands are used to change the SELinux context of a file?
■ chcon (-t; used to specify only the context)
■ restorecon (preferred)
What command can be used to display or modify the rules that ‘restorecon’ uses to set the default file context?
■ semanage fcontext [options] [-t type] [target]
What command is used to modify SELinux Booleans?
■ setsebool [-P; make persistent]
What command shows whether SELinux Booleans are persistent?
■ setsebool boolean -l
What service listens for audit messages in /var/log/audit/audit.log and sends a short summary to /var/log/messages?
■ setroubleshoot-server
What tools is used to produce a report of alert incidents?
■ sealert