selinux:do_boolean_lockdown
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| selinux:do_boolean_lockdown [2016/07/11 11:03] – created peter | selinux:do_boolean_lockdown [2019/12/04 20:21] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ===== SELinux - Do Boolean Lockdown ===== | ||
| - | |||
| - | Run the **getsebool -a** command and lockdown system: | ||
| - | |||
| - | <code bash> | ||
| - | getsebool -a | less | ||
| - | getsebool -a | grep off | ||
| - | getsebool -a | grep on | ||
| - | </ | ||
| - | |||
| - | To secure the machine, look at settings which are set to ‘on’ and change to ‘off’ if they do not apply to your setup with the help of setsebool command. | ||
| - | |||
| - | Please note that SELinux adds 2-8% overheads to a typical installation. | ||
selinux/do_boolean_lockdown.1468234983.txt.gz · Last modified: 2020/07/15 09:30 (external edit)