Chapter 44. Working With SELinux

Chapter 44. Working With SELinux

44.1. End User Control of SELinux
44.1.1. Moving and Copying Files
44.1.2. Checking the Security Context of a Process, User, or File Object
44.1.3. Relabeling a File or Directory
44.1.4. Creating Archives That Retain Security Contexts
44.2. Administrator Control of SELinux
44.2.1. Viewing the Status of SELinux
44.2.2. Relabeling a File System
44.2.3. Managing NFS Home Directories
44.2.4. Granting Access to a Directory or a Tree
44.2.5. Backing Up and Restoring the System
44.2.6. Enabling or Disabling Enforcement
44.2.7. Enable or Disable SELinux
44.2.8. Changing the Policy
44.2.9. Specifying the Security Context of Entire File Systems
44.2.10. Changing the Security Category of a File or User
44.2.11. Running a Command in a Specific Security Context
44.2.12. Useful Commands for Scripts
44.2.13. Changing to a Different Role
44.2.14. When to Reboot
44.3. Analyst Control of SELinux
44.3.1. Enabling Kernel Auditing
44.3.2. Dumping and Viewing Logs

SELinux presents both a new security paradigm and a new set of practices and tools for administrators and some end-users. The tools and techniques discussed in this chapter focus on standard operations performed by end-users, administrators, and analysts.


[23] LVM is the grouping of physical storage into virtual pools that are partitioned into logical volumes.