Configure SELinux – Part 3

Ensure SELinux policy is configured Overview: Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Why: Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure... Continue Reading →

Configure SELinux – Part 2

Ensure the SELinux state is enforcing Overview: Set SELinux to enable when the system is booted. Why: SELinux must be enabled at boot time in to ensure that the controls it provides are in effect at all times. Audit: Run the following commands and ensure output matches: # grep SELINUX=enforcing /etc/selinux/config SELINUX=enforcing # sestatus SELinux... Continue Reading →

A Website.

Up ↑