Configure SELinux – Part 2

Ensure the SELinux state is enforcing Overview: Set SELinux to enable when the system is booted. Why: SELinux must be enabled at boot time in to ensure that the controls it provides are in effect at all times. Audit: Run the following commands and ensure output matches: # grep SELINUX=enforcing /etc/selinux/config SELINUX=enforcing # sestatus SELinux... Continue Reading →

Configure SELinux – Part 1

SELinux provides a Mandatory Access Control (MAC) system that greatly augments the default Discretionary Access Control (DAC) model. Under SELinux, every process and every object (files, sockets, pipes) on the system is assigned a security context, a label that includes detailed type information about the object. The kernel allows processes to access objects only if... Continue Reading →

A Website.

Up ↑