Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual page 71
Selinux guide
Hide thumbs
Also See for ENTERPRISE LINUX 4 - SELINUX GUIDE:
- Manual (410 pages) ,
- System administration manual (400 pages) ,
- Administration manual (200 pages)
Table of Contents
Advertisement
Chapter 5. Controlling and Maintaining SELinux
For
, the
option is only usable by itself, it cannot be combined with other options. In this
id
-Z
example, the change to root using
of making a role change as well, i.e., from
following a
newrole
# You are an ordinary user here:
whoami
auser
id -Z
user_u:system_r:unconfined_t
# Switching to root changes your UID:
su - root
Password:
whoami
root
# Only the SELinux user name changed, which has no effect in
# the targeted policy.
id -Z
root:system_r:unconfined_t
Using the
option with
-Z
focus on what you might want when considering the security permissions of a file. It displays mode,
user, group, security context, and file name.
cd /etc
ls -Z h* -d
drwxr-xr-x
root root
-rw-r--r--
root root
-rw-r--r--
root root
-rw-r--r--
root root
-rw-r--r--
root root
-rw-r--r--
root root
drwxr-xr-x
root root
drwxr-xr-x
root root
drwxr-xr-x
root root
drwxr-xr-x
root root
5.1.3. Relabel a File or Directory's Security Context
You may need to relabel a file when moving or copying into special directories related to the targeted
daemons, such as
~/public_html
of
.
/home
There are two general kinds of relabeling operations, one where you are deliberately changing the
type of a file, the other where you are restoring files to the default state according to policy. There
are also relabeling operations that an administrator performs, and those are covered in Section 5.2.2
Relabel a File System.
did not cause a change in role. In a stricter policy,
su
command:
su
groups together common long format information. The display choices
ls
system_u:object_r:etc_t
system_u:object_r:etc_t
user_u:object_r:etc_t
system_u:object_r:etc_t
system_u:object_r:etc_t
system_u:object_r:etc_t
system_u:object_r:hotplug_etc_t
system_u:object_r:etc_t
system_u:object_r:httpd_sys_content_t htdig
system_u:object_r:httpd_config_t httpd
directories, or when writing scripts that work in directories outside
to
system_r
sysadm_r
su
. This removes the step of using
hal
host.conf
hosts
hosts.allow
hosts.canna
hosts.deny
hotplug
hotplug.d
57
is capable
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE
Related Products for Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.5
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.6
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.7
- Red Hat ENTERPRISE LINUX 4 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 4 - LVM ADMINISTRATOR
- Red Hat ENTERPRISE LINUX 4 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 4.5.0 -
- Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE
- Red Hat ENTERPRISE LINUX 3 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 5.1 DM MULTIPATH
- Red Hat LINUX 7.2 - OFFICIAL LINUX CUSTOMIZATION GUIDE
- Red Hat LINUX 7.1 - ISERIES
- Red Hat Enterprise Linux 2.1
- Red Hat CLUSTER FOR ENTERPRISE LINUX 5.0
Need help?
Do you have a question about the ENTERPRISE LINUX 4 - SELINUX GUIDE and is the answer not in the manual?
Questions and answers