linux SELINUX 查看配置文件

ECS信息

规格：2vCPUs | 4GiB | kc1.large.2

镜像：openEuler 20.03 64bit with ARM | 公共镜像

linux SELinux 查看配置文件

# stat /etc/sysconfig/selinux File: /etc/sysconfig/selinux -> ../selinux/config Size: 17 Blocks: 0 IO Block: 4096 symbolic link Device: fd02h/64770d Inode: 141813 Links: 1 Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2021-10-04 15:57:54.203285534 +0800 Modify: 2020-05-18 10:35:49.716000000 +0800 Change: 2020-05-18 10:35:49.716000000 +0800 Birth: 2020-05-18 10:35:49.716000000 +0800

# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted

SELINUX的模式有三种：enforcing、permissive、disabled

SELINUXTYPE的策略有三种：targeted、minimum、mls

安装tree

# tree -bash: tree: command not found # yum install tree Last metadata expiration check: 2:46:11 ago on Mon 04 Oct 2021 01:19:18 PM CST. Dependencies resolved. ===================================================================================================================================== Package Architecture Version Repository Size ===================================================================================================================================== Installing: tree aarch64 1.7.0-18.oe1 OS 49 k Transaction Summary ===================================================================================================================================== Install 1 Package Total download size: 49 k Installed size: 165 k Is this ok [y/N]: y Downloading Packages: tree-1.7.0-18.oe1.aarch64.rpm 1.6 MB/s | 49 kB 00:00 ------------------------------------------------------------------------------------------------------------------------------------- Total 1.5 MB/s | 49 kB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : tree-1.7.0-18.oe1.aarch64 1/1 Verifying : tree-1.7.0-18.oe1.aarch64 1/1 Installed: tree-1.7.0-18.oe1.aarch64 Complete!

# pwd /etc/selinux

# tree . ├── config ├── restorecond.conf ├── restorecond_user.conf ├── semanage.conf └── targeted ├── booleans.subs_dist ├── contexts │ ├── customizable_types │ ├── dbus_contexts │ ├── default_contexts │ ├── default_type │ ├── failsafe_context │ ├── files │ │ ├── file_contexts │ │ ├── file_contexts.homedirs │ │ ├── file_contexts.local │ │ ├── file_contexts.subs │ │ ├── file_contexts.subs_dist │ │ └── media │ ├── initrc_context │ ├── lxc_contexts │ ├── openssh_contexts │ ├── removable_context │ ├── securetty_types │ ├── sepgsql_contexts │ ├── snapperd_contexts │ ├── systemd_contexts │ ├── userhelper_context │ ├── users │ │ ├── guest_u │ │ ├── root │ │ ├── staff_u │ │ ├── sysadm_u │ │ ├── unconfined_u │ │ ├── user_u │ │ └── xguest_u │ ├── virtual_domain_context │ ├── virtual_image_context │ └── x_contexts ├── logins ├── policy │ └── policy.31 ├── setrans.conf └── seusers 6 directories, 38 files

虽然selinux配置起来有些复杂，但是强烈建议在生产环境中开启selinux！为了安全着想，安全生产才是基线！

学习资料

弹性云服务器 ECS

openEuler-官网

openEuler-B站

openEuler-慕课

openEuler-文档

鲲鹏社区

欢迎各位同学一起来交流学习心得^_^

Linux openEuler

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。