Chapter 45. Working With SELinux

Chapter 45. Working With SELinux

45.1. End User Control of SELinux
45.1.1. Moving and Copying Files
45.1.2. Checking the Security Context of a Process, User, or File Object
45.1.3. Relabeling a File or Directory
45.1.4. Creating Archives That Retain Security Contexts
45.2. Administrator Control of SELinux
45.2.1. Viewing the Status of SELinux
45.2.2. Relabeling a File System
45.2.3. Managing NFS Home Directories
45.2.4. Granting Access to a Directory or a Tree
45.2.5. Backing Up and Restoring the System
45.2.6. Enabling or Disabling Enforcement
45.2.7. Enable or Disable SELinux
45.2.8. Changing the Policy
45.2.9. Specifying the Security Context of Entire File Systems
45.2.10. Changing the Security Category of a File or User
45.2.11. Running a Command in a Specific Security Context
45.2.12. Useful Commands for Scripts
45.2.13. Changing to a Different Role
45.2.14. When to Reboot
45.3. Analyst Control of SELinux
45.3.1. Enabling Kernel Auditing
45.3.2. Dumping and Viewing Logs

SELinux presents both a new security paradigm and a new set of practices and tools for administrators and some end-users. The tools and techniques discussed in this chapter focus on standard operations performed by end-users, administrators, and analysts.



[23] LVM is the grouping of physical storage into virtual pools that are partitioned into logical volumes.


Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.