Security-Enhanced Linux (SELinux) is a Linux mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. SELinux is enabled by default in RHEL 5 / CentOS 5 / Fedora etc. But many admin disabled it due to troubles and hard configuration options. So if you are afraid of SELinux, try new GUI tools to customizing your systemâ€™s protection by creating new policy modules is easier than ever. In this article, Dan Walsh gently walks you through the policy module creation process:
A lot of people think that building a new SELinux policy is magic, but magic tricks never seem quite as difficult once you know how they’re done. This article explains how I build a policy module and gives you the step-by-step process for using the tools to build your own.
=> A step-by-step guide to building a new SELinux policy module Sysadmin because even developers need heroes!!!
I am getting error that read as No Route to Host. I am trying to ping my ISP gateway as well as DNS server but I am getting this error. How do I solve this problem?
This problem indicate networking conflicts or some sort of networking configuration problem.
Here are things to check:
Can you ping to your local router interface (such as 192.168.1.254)?
Make sure your card (eth0) is properly configured with correct IP address and router address. Use ifconfig command to configure IP address and route command to setup correct router address. If you prefer to use GUI tools:
- redhat-config-network – Works on Red Hat and Fedora Linux/Cent OS.
- network-admin – Debian and Other Linux distribution use this GUI too
Use above two GUI tools to setup correct IP address, DNS address and router address.
b) Make sure firewall is not blocking your access
iptables is default firewall on Linux. Run following command to see what iptables rules are setup:
# /sbin/iptables -L -n
You can temporary clear all iptables rules so that you can troubleshoot problem. If you are using Red Hat or Fedora Linux type command:
# /etc/init.d/iptables save
# /etc/init.d/iptables stop
If you are using other Linux distribution type following commands:
# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
c) Finally make sure you are using a router and not a proxy server. Proxy servers are good for Internet browsing but not for other work such as ftp, sending ICMP request and so on.