[SOLVED] SELinux: My First Policies

Support for security such as Firewalls and securing linux
Post Reply
jmacdougca
Posts: 75
Joined: 2017/12/09 00:49:14
Location: Port Coquitlam, BC
Contact:

[SOLVED] SELinux: My First Policies

Post by jmacdougca » 2020/10/31 00:21:41

I am at the point it's time to create my first policies.
I have read the HowTo Security SELinux, watched the video SELinux for mere mortals and multiple other documents I have received from the community.
I understand with a wide scope of what the purpose and intentions of SELinux is and now ready to start implementing policies with the the policy generation gui tool. Just not sure exactly where to start. There are so many options. I am looking to be coached through my first few policies and have my hand held.

I know must achieve a minimum the following:
  • enable users to be able to ssh into the network
| - got this figured out SELinux Management Tool gui - very cool!
  • get the webpages to load on the network again
Okay I got this solved. Here is what I did;

I updated the /var/www/ files since I am currently using non standard directories. Had to give permission for SELinux to communicate with httpd.

I had to fix one of the pages because the images weren't loading. I

Code: Select all

semanage fcontext -a -t httpd_sys_content_t "/home/www(/.*)? restorecon -R /var/www
and that's pretty much it.
So my use case is complete for the time being. This is a success for My Mission. Hope this helps someone.
  • enable scp
- Got this figured out

SELinux is set to enforcing right now.

This is where I am atm
Image
Start less finish more

Post Reply

Return to “CentOS 7 - Security Support”