Differences

This shows you the differences between two versions of the page.

--- selinux:understanding_selinux_configuration [2016/07/11 13:06] – peter
+++ selinux:understanding_selinux_configuration [2019/12/04 20:33] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== SELinux - Understanding SELinux Configuration ======
-The SELinux configuration file is **/etc/selinux/config file**.
-The following are the possible values for the SELINUX variable in the **/etc/selinux/config** file:
-  * enforcing – The Security Policy is always Enforced
-  * permissive – This just simulates the enforcing policy by only printing warning messages and not really enforcing the SELinux.  This is good to first see how SELinux works and later figure out what policies should be enforced.
-  * disabled – Completely disable SELinux
-The following are the possible values for SELINUXTYPE variable in the /etc/selinux/config file.  This indicates the type of policies that can be used for the SELinux.
-  * targeted – This policy will protected only specific targeted network daemons (such as DNS, Apache and others).
-  * strict – This is for maximum SELinux protection.
-SELinux is also often configured in the Grub boot loader.  Search **/boot/grub/grub.conf** file using grep for the words **selinux** or **enforcing**:
-<code bash>
-egrep -i 'selinux=0|enforcing=0' /boot/grub/grub.conf
-</code>
-If you found lines with selinux=0 or enforcing=0, remove them and save the changes.
-Reboot the server:
-<code bash>
-reboot
-</code>