Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Use linux's semanage command to query and modify the security context

2025-04-01 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

This article will explain in detail about the use of linux semanage command security context query and modification, Xiaobian think quite practical, so share to you as a reference, I hope you can read this article after harvest.

The semanage command is used to query and modify the security context of the SELinux default directory. SELinux policy and rule management related commands: seinfo command, search command, getsebool command, setsebool command, semanage command.

Syntax format: semanage [parameter]

Common parameters:

-l query-a add, you can add some directory default security context type settings-m modify-d delete

Reference Example

Check the default security settings for/var/www/html for this article:

[root@linuxcool ~]# semanage fcontext -l

Set the default security for the/srv/samba directory with semanage This article is public_content_t:

[root@linuxcool ~]# mkdir /srv/samball -Zd /srv/samba drwxr-xr-x root root root:object_r:var_t /srv/samba

As shown above, the default case should be var_t :

[root@linuxcool ~]# semanage fcontext -l | grep '/srv' /srv/.* all files system_u:object_r:var_t:s0 /srv/([^/]*/)? ftp(/.*)? all files system_u:object_r:public_content_t:s0 /srv/([^/]*/)? www(/.*)? all files system_u:object_r:httpd_sys_content_t:s0 /srv/([^/]*/)? rsync(/.*)? all files system_u:object_r:public_content_t:s0 /srv/gallery2(/.*)? all files system_u:object_r:httpd_sys_content_t:s0 /srv directory system_u:object_r:var_t:s0

The above is the default security information under/srv, but it is not specified to/srv/samba:

[root@linuxcool ~]# semanage fcontext -a -t public_content_t "/srv/samba(/.*)? " [root@linuxcool ~]# semanage fcontext -l | grep '/srv' /srv/samba(/.*)? all files system_u:object_r:public_content_t:s0

Try restoring defaults:

[root@linuxcool ~]# restorecon -Rv /srv/samba* About the use of Linux semanage command security context query and modification is shared here, I hope the above content can be of some help to everyone, you can learn more knowledge. If you think the article is good, you can share it so that more people can see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report