Frequently Asked Questions About Linux / UNIX » SELinux

What Is SELinux?

nixCraft — Thu, 06 Dec 2012 17:08:37 +0000

What is SELinux? Why should I use SELInux on my CentOS or Red Hat Enterprise Linux server running on IBM hardware?

seinfo Command: Query SELinux Policy Under CentOS / RHEL / Linux

nixCraft — Sat, 01 Dec 2012 23:15:21 +0000

How do I query and get information about a policy under SELinux? How do I analyze a binary or a source policy file under SELinux?

Read answer to: "seinfo Command: Query SELinux Policy Under CentOS / RHEL / Linux"

tar and rsync: Archive and Preserve SELinux Contexts, Extended Attributes, And ACLs

nixCraft — Fri, 09 Nov 2012 22:11:25 +0000

How do I use tar and rsync command that can preserve the ACLs, extended attributes and SELinux contexts under CentOS / RHEL / Fedora Linux server while making backups?

Read answer to: "tar and rsync: Archive and Preserve SELinux Contexts, Extended Attributes, And ACLs"

HowTo: Temporarily Switch Off SELinux Enforcement

nixCraft — Sun, 08 Apr 2012 19:39:44 +0000

How do I temporarily switch off SELinux enforcement under Red Hat Enterprise Linux server version 6.x using command prompt? How do I turn on SELinux enforcement again?

Read answer to: "HowTo: Temporarily Switch Off SELinux Enforcement"

Linux Syslogd: Nothing Gets Logged Using /dev/log And /jail/apache/dev/log

nixCraft — Sun, 22 Aug 2010 07:33:19 +0000

I've configured my Apache in chrooted jail at /jail/apache directory. However, my syslogd is not working and nothing gets logged using /dev/log and /jail/apache/dev/log. How do I fix this problem under CentOS 5.x AMD64 with SELinux?

Read answer to: "Linux Syslogd: Nothing Gets Logged Using /dev/log And /jail/apache/dev/log"

CentOS / Redhat: Turn On SELinux Protection

nixCraft — Tue, 05 Jan 2010 11:52:59 +0000

SELinux enforces the idea that programs should be limited in what files they can access and what actions they can take. However, by default it is turned off under RHEL / CentOS 5.x server? How do I turn it on?

Read answer to: "CentOS / Redhat: Turn On SELinux Protection"

Linux Kernel /etc/sysctl.conf Security Hardening

nixCraft — Tue, 27 Oct 2009 16:55:00 +0000

How do I set advanced security options of the TCP/IP stack and virtual memory to improve security and performance of my system? How do I configure Linux kernel to prevent certain kinds of attacks using /etc/sysctl.conf? How do I set Linux kernel parameters?

Read answer to: "Linux Kernel /etc/sysctl.conf Security Hardening"

Redhat / CentOS Install Memcached Caching System

nixCraft — Mon, 19 Oct 2009 03:02:43 +0000

How do I install memcached a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load under CentOS / RHEL / Fedora / Redhat Linux?

Read answer to: "Redhat / CentOS Install Memcached Caching System"

Squid Listen on Other Port ( Squid Configure Port Listing with SELinux)

nixCraft — Mon, 20 Apr 2009 12:26:32 +0000

My Squid proxy server running on port 3128. Since this is frequently scanned by adversaries looking for proxy servers; I've changed port to 10000 and restart squid. But my squid is not working on port # 10000 it only works on port # 3128? How do I force Squid to listen on uncommon port under CentOS Linux v5.3?

Read answer to: "Squid Listen on Other Port ( Squid Configure Port Listing with SELinux)"

SELinux Apache Allow To Serve The Contents Of a Loopback Mounted ISO Image

nixCraft — Wed, 31 Dec 2008 18:11:57 +0000

Q. How do I configure CentOS Linux SELinux security to permit httpd 2.2 (Apache web server) to serve the contents of a loopback mounted ISO images located at /var/www/html/lan/iso directory?

Read answer to: "SELinux Apache Allow To Serve The Contents Of a Loopback Mounted ISO Image"

Linux Disable or Enable ExecShield Buffer Overflows Protection

nixCraft — Mon, 09 Apr 2007 12:25:25 +0000

Now that I have Cent OS (RHEL clone) installed on my IBM server, I'm wondering what is ExecShield and how do I disable the same?

Read answer to: "Linux Disable or Enable ExecShield Buffer Overflows Protection"

CentOS Linux Install OpenVZ Virtualization Software

nixCraft — Sat, 05 Aug 2006 18:39:39 +0000

How do I install OpenVZ Virtualization container software under Red Hat Enterprise Linux or CentOS Linux 5.x server?

Read answer to: "CentOS Linux Install OpenVZ Virtualization Software"