# sestatus
# yum install policycoreutils-python
# man semanage
... semanage {import,export,login,user,port,interface,module,node,fcontext,boolean,permissive,dontaudit}
# semanage fcontext -l
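# echo "<h1>Hello World</h1>" > /var/www/html/index.html
# ls -Za /var/www/html/
# echo "<h1>Hello World 2</h1>" > /root/index.html
# mv /root/index.html /var/www/html/index.html
# ls -Za /var/www/html/
# chcon -v -t httpd_sys_content_t /var/www/html/index.html
Note: mv keeps the label the file received where it was created (/root), so the second ls -Za shows a type that differs from the file created in place. chcon corrects it only until the next relabel; restorecon -v /var/www/html/index.html resets the file to the type defined in the file-context database (see semanage fcontext -l).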
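# ps axZ | grep ssh
# yum install setools-console
# sesearch --allow | grep sshd_t | grep port
# semanage port -a -t ssh_port_t -p tcp 2222
# yum install policycoreutils-devel
# sepolicy network -a /usr/sbin/sshd
# semanage port -d -t ssh_port_t -p tcp 22
Note: semanage port -a only labels the port; sshd still has to be configured to listen on 2222 (Port in sshd_config) and the firewall opened for it. The final -d on tcp 22 is expected to be refused, because port 22 is defined in the base policy rather than as a local customization; only ports added with -a can be deleted this way.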
# runcon -t inetd_child_t -r system_r -u system_u cat /etc/passwd
# runcon -t httpd_t -r system_r -u system_u cat /etc/passwd
# semanage boolean -l
...
httpd_can_connect_ldap
...